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information technology on business [business data processing, intra 
and inter-organizational communication by using network technology, business pro- 
cess outsourcing and knowledge process outsourcing], types of information sys- 
tem- transaction processing system (TPS), management information system (MIS), 
decision support system (DSS), knowledge management system (KMS) and their 
implementation at managerial levels [operational, tactical and strategic]. 


I.| CONCEPTS OF DATA, INFORMATION, AND KNOWLEDGE 


The two words data and information are often used interchangeably butare actually notthe same. While data 
isa collection of raw facts or figures, information comprises processed data to provide answers to the who, 
what, where, and when type of questions. There is one more important term that we must learn before going 


into the details, namely knowledge. Knowledge is the application of data and information to answer the how 
partofthequestion. Therelationshipamongdata, information,andknowledgecanbeclearly understood from 


Figure 1.1. 


1.1.1 Features of Data 
The features of data are listed here: 
* Consists of raw facts or figures. 


+ Consists of unorganized and unprocessed facts. 


* May be a simple statement. 
* Can exist in any form, usable or not. 
Does not have any significance unless processed to derive information. 


* [s obtained from experiments or surveys. 
Is used as a basis for making calculations or drawing conclusions. 


+ Can exist as numbers, text, images, sounds, and so on. 
nd volume of data that is required for 


* An organization, sometimes, has to decide on the nature ai 
deriving information. For example, date of birth of a person, salary of a customer, price of an item, 


and so on. 


ES In the business world, data usually exists in the form of spreadsheets. 
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Figure 1.1 Data, information, and knowledge 


1.1.2 Features of Information 
The features of information are as follows: 


+ Consists of processed data. . i 
+ May be the collected facts and data about a particular subject. 


* May be collected data, organized and presented in a systematic fashion, to understand the ur 
lying meaning. For example, a telephone service may supply telephone numbers to a loan 
company. Here, the collected data (numbers), when collected and organized to be used by the g 
pany, becomes information. s : m 

* Embodies the understanding of certain relationships, possibly cause and effect, For exan 
whether a person with a given date of birth is eligible to vote, whether a customer with a Spec : 


salary is able to afford the product, and so on. 


1.1.3 Features of Knowledge 


The features of knowledge are as follows: 
* Comprises human understanding of a subject matter that has been acquired through proper 


and experience. 
Is based on learning, thinking, and proper understanding of the problem area. 


* Makes the information more usable. 

Is a deterministic process. 

* Represents a pattern that connects the pieces of information together. 

* Provides a high level of predictability to explain what happened in the past and what will happen 
next. 

* Comprises all the data and information learned through experience or study. 

* Helps people draw meaningful conclusions. For example, how to market the product, so that it 
more. 


Figure 1.2 shows the data, information, and knowledge (DIK) pyramid, in which data forms the basis of 
information and knowledge. 


Example 1.1 If we know that Kellogg's 
cornflakes are too costly to be bought by 
a daily wager, a small packet of 710 can be 
introduced in the market, which he can pur- 
chase. Here, data comprises the price of the 
cornflakes and the wages of the labourer. 
Information is that he cannot afford to buy 
branded cornflakes, Knowledge is to reduc 
the price and weight, to make it affordable 


Eg., if the humidity is very high 
and the temperature drops 
substantially, then it rains. 


Knowledge 


Eg., when the temperature s 
below 15 degrees 
became humid, it started 


DIK pyramid 


Er 


1.1.4 Characteristics of Information 


To be useful, information must poss 
Table 1.1 Characteristics of information 


Characteristics Utility 


Relevance Information must pertain 
to the problem at hand. lt 
should be applicable in that 
context. 
Complete Partial information is worse 
than no information. 
Accurate Erroneous information may 
result in wrong decisions. 
Current The information used must 
be recent and the latest. 
Economical The cost of obtaining 


information should not be 
so high that it cannot be 
justified. 


Knowledge is not Information and Information Is not data, Knowledge Is derived from Infor- 
mation, which, in turn, is derived from data. 


certain characteristics, as shown in Table 1.1. 
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Examples of unusable information 


The monthly income of a candidate's father is 
irrelevant for appearance in the CA examination. 


To market a product, the marketing team must have 
information about customer buying patterns as 
well as their incomes. If a product is promoted to 
high-income group customers, who usually do not 
prefer to buy it, it often leads to wastage of time 
and effort. 


If the consumer survey gives wrong information 
about users' preferences, then the decisions 
taken, in light of the survey results, will be always 
wrong. n 


A person cannot buy a stock today, referring to the 
price and profit margin of that stock on a previous 
date. 


If the cost of conducting a survey about a new 
product is too high, then it may diminish the profit 
from sales. 


1.2 IMPACT OF INFORMATION TECHNOLOGY ON BUSINESS 


Businesses have been at the forefront of technology for ages. Whatever can speed up the production 
process will draw in more business. With the widespread use of computers, a new age of information 
technology (IT) has begun. To reap its benefits, businesses are rapidly changing their infrastructure. 
These days, almost every business is conducted over computers and communication devices, in order to 
organize large databases, personal schedules, and various other forms of essential information. 
Information technology is a comprehensive term that includes all types of technology used to 
xchange, store, use, or create information. Commonly used devices to support IT include computers, 
ervers, peripheral devices, Internet connectivity equipment, and phone systems. Breakthrough in IT 
as resulted in better or automated solutions that have not only increased the productivity, but also 
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1.2.1 Business Data Processing 
Business data processing (BDP) means performing operations in order to convert busines 


useful information. IT enables businesses to store large amounts on information, Summarize pets 
analyse them, in order to understand the business ina better way. Once data IS entered into q y E. Econ 
application, users can draw a variety of charts to interpret the data from different angles, For ex; Comp 
view the sales of a product in a particular region during the entire year, view the sales of a produce Local 
the regions in a particular month, and the like. t 3 che le 
Another example could be from banking. Banks store records of millions of users and keep com functi 
information about their accounts, loans, fixed deposits, and so on. They keep Sending statemey lower 
other promotional schemes to their customers from time to time. tuniti 
Other areas in which IT has a major impact on BDP include: 
1.2. 
Accounting and Payroll 2 

Businesses can use software accounting packages, like Microsoft Money or QuickBooks to m With 
their accounts. No longer do they need to hire full-time or third-party accountants, These so i si 

packages enable business managers to generate informative reports and financial Statements, in Y 
to make effective business decisions. Accounting systems keep track of every rupee a company g Inte 
along with every rupee of revenue. Tod: 
The accounting software also stores payroll information, tax records, and other speciali Tafel 
Business without these software packages cannot be even imagined today. Besides increasing effici thei 
IT also reduces time and space required to store a large number of files with hundreds of papers busi 
Can you think of searching information from these files? only 
soci 
Inventory Management on! 
A y F E y 
Businesses can use software packages like Microsoft Excel or Open Office to store data, pertainin Ex 
inventory, sales, and receivables and payables. The inventory management system keeps track ofp ii use 
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B cas i istoricall ired the need 
With technology, businesses can automate certain functions that have historical : eme E 
to hire an employee. They can use software like Quicken and Quickbooks to per! oe dcus «d 
keeping functions. Similarly, the sales function can be automated through contact mai Ee ee 
like SalesForce. Using automated software enables business managers to concentrate on ey E 
cut down on labour expenses. Automation technology, such as assembly lines and computer-con x) 
large volumes of goods in less time and at 


machinery, enables industries and organizations to produce 


low cost. 

Economic Efficiencies 

Companies can harness IT resources to lower their costs. Using IT infrastructure, redundant tasks can 
ld centralize their payroll function at 


be centralized at one location. For example, a large company cou | ayro H 
cies can also be realized by migrating high-cost 


one location to lower employee costs. Economic efficien à E 5 
functions into an online environment. Companies can offer customers email support, which may have a 


lower cost than a live customer support call. Cost savings can also be made through outsourcing oppor- 


tunities, remote work options, and lower-cost communication options. 


1.2.2 Enhanced Intra-organizational and Inter-organizational 


Communication 
With IT, an organization can be benefitted from faster, efficient, effective, and low-cost communication 


systems, as explained in this section. 


Internet Marketing 
Today, all businesses are moving towards making their presence felt on the 
Internet. Whether big or small, all businesses have their websites to advertise 
their products, take orders, buy merchandise, and sell excess products. Many 
businesses such as Flipkart, Amazon, Snapdeal, OLX, and so on, operate 
only online. Some businesses are also doing Internet marketing on other 
social websites. For example, we all have seen advertisements of products 


on Facebook. 
With enhanced communication (Figure 1.3), companies are able to build Figure 1.3 Enhanced 
communication 


strong relationships within their value chains. As a result, with extensive 
use of technology, even a small business can compete with established and 
big business houses. Using advanced video and graphics editing software, 
business owners create professional marketing materials that reach out to millions of netizens world- 
wide. They use cost-efficient web marketing tools like Google AdWords to spread targeted marketing 
messages, either to a broad audience or to a selected group. Business owners also share expensive adver- 
tising space online through banner- and traffic-swaps. 

Additionally, through email marketing, business managers are effectively reaching out to a large 
group of people with newsletters, coupons, or other means of business updates, and that too at very low 
costs. Going a step ahead, they have also started using mobile marketing to offer discounts to customers, 
through text messaging and by advertising their products and services. Undoubtedly, technology has 
freed small businesses from the restrictions of print advertisements to reach out to their customers. IT 


has helped businesses minimize geographic communication barriers. 
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Improved Sharing of Information BPO 

With technology, any type of information—written or broadcast—can be shared more quickly an try is 

fewer resources. Besides sharing information about new products with customers, IT also help: k T 

inventory orders, make payments, and invite quotations online. Information technology also e Figu 

companies to get into e-learning and other forms of online training to train their staff in a cost-effer pe: 
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Customer Relationship Management d 

A customer relationship management (CRM) system is used to track a customer throughout his experi ass 


or interaction with the business. Managers can view the information about how many times the customer 
calledtoordera productorservice, for help, witha technical question, or for any other conversation. All 


details help to build strong relationships with customers, by providing them with customized and proa 
responses. 


Telecommuting, Teleconferencing, and Videoconferencing 
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^ Nowadays, a business that i 
tractive-looking website is 


$ not conducted online or one that has an outdated 2 
Considered to be Unprofessional. 


1.2.3 Outsourcing 
The term outsourcing 
even reside in some ot 


process out: à 
these two forms of outsourcing a 


Types of BPO 


[ Front-otfice outsourcing | | Back-office outsourcing 


Figure 1.4 Types of BPO 


focusing on routine business tasks. The BPO service 
that is outsourced to another country is called offshore 
outsourcing, while the one outsourced to a neighboring 
country is called nearshore outsourcing. Similarly, the 
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implies hiring employees who work outside the company. These employees may 
her country. These days, we frequently hear that people are working in business 
sourcing (BPO) or knowledge process outsourcing (KPO). In this section, we will discuss 
nd understand the underlying difference between the two. 


Business Process Outsourcing 


Business process outsourcing is the practice 
in which employees outside the company are 
hired to perform specific business tasks like 
payroll. Outsourcing is done as a cost-sav- 
ing measure by big companies that want to 
focus on their key business area, rather than 


Customer 
support 


Form 
processing 


BPO service that is outsourced within the same coun- 
try is called onshore outsourcing. 

There are two main types of BPOs (as shown in 
Figure 1,4), which are front-office outsourcing and 
back-office outsourcing. While in back-office out- 
sourcing, internal business functions such as payroll, 
billing, purchasing, accounting, and HR are outsourced, 
in front-office outsourcing, customer-related services 
such as marketing and technical support are outsourced, 
as shown in Figure 1.5. 


ES Call centre jobs are BPO jobs. 


Advantages The main advantages of BPOs are as follows: 
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Data 
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Figure 1.5 Services provided by BPO 


* Companies can focus on their specialized areas and specific competencies. 

* Speed and efficiency of routine business tasks enhance when these jobs are outsourced to a third 
party. 

* All the employees of the company can concentrate in designing and implementing the core business 
strategies to bolster competitive advantage and enhance value chain engagement. 

* Companies in developed nations usually outsource their routine tasks to developing nations, where 
they have to pay very little for the same job, thereby helping to cut involved costs. 


Risks There are, however, certain serious risks that exist while outsourcing business processes. These 
are as follows: 


* Data privacy breaches can take place. 


* There can be underestimated running costs. 
* There can be overdependence on service providers. 


ZZ 
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Figure 1.7 KPO sector services 
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Establishing a KPO takes time, and thus, cannot provide immediate solutions to prevailing 


problems. - 
There can be increased complexities, due to lack of communication, between the company and the 
KPO, possibly because of legal, language, and cultural barriers. 

+ Inferior quality of outputs, missed delivery times, and cultural differences can take place. 

+ Increased costs due to salary inflation, increased standard of living, and improved (stronger) cur- 
rency of some developing countries like India may adversely affect the company. 

Political and economic instability as well as terrorist activities in the countries can affect the 


company. 
Losing out on key talent at home is a major threat to the company. 


ES KPOs provide high-end services to customers and require skilled personnel. Additionally, 
E the salary of employees working in KPOs is far better than those working in BPOs. 


Reasons for successful KPOs in India Following are some of the reasons for the success of KPOs in 


India 

+ Maturity in handling BPOs 

« Availability of high-end skilled labour, including chartered accountants, engineers, doctors, archi- 
tects, lawyers, economists, biotechnologists, and the like 
Low wages and operational costs as compared to developed nations 


* Operational efficiency 

* Adherence to international quality standards 

These days, however, many companies are moving their voice-based KPOs to countries (such as Chile 
and Mexico) with higher political stability and similar language, time zone, and cultural alignments. 
People in these countries have English as their first language and use the same accent as that used in 


most of the core companies. 
Example 1.2 Delta and United Airlines brought back their outsourced customer service operations 


to North America, when low rates of satisfaction for more sophisticated conversations with customers 
were reported. Even the other employees in the core company, who were dealing with outsourced pro- 


cesses, had the same experience. 
While basic education is necessary to get a BPO job, for a KPO job, competency in a par- 
t. A job in a KPO is not suited for a person who is a Jack of all trades. In 


ticular field is a mus 
a KPO, employees are rigorously trained in a specific sector. 


ngladesh. In such a situation, India is con- 
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country. 
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office Information System or Office Automation System 
(OIS) or office automation system (OAS) uses hardware, software, and 
ks to enhance work flow and facilitate communication among employees. While hardware 

Me uters equipped with modems, video cameras, speakers, microphones, scanners, and 

res ts software comprises word processing, spreadsheets, databases, presentation graph- 

i = weh browsers, web page authoring, personal information management, and groupware 

id pur aforementioned activities. Besides hardware and software, an OAS also uses technol- 

y Hrs communication, such as voice mail, fax, videoconferencing, and electronic data interchange 

EDD for the electronic exchange of documents, which include text, graphics, audio, and video (refer 

Figure 1.9). 

In such a system, employees perform their tasks electronically rather than manually. For example, 
in an OAS in your college, the time table, academic calendar, subjects in the semester, along with 
their guidelines, notification of events in the university, fee structure, and the like, are all published 
online, either on the website or as notifications, using emails. Had it been a manual system, the office 
staff would have to take a photocopy of the information and send it to each student’s home as a letter 
or as registered post. 

Office automation systems are implemented to support a range of business office activities like 
creating and distributing graphics and/or documents, sending messages, scheduling, and account- 
ing. Although it is meant to be used by clerks and officers working at the lower level of the pyramid, all 
levels of users avail some benefit from the OAS. 


Office information system 


jommunication technology 
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Videoconferencing, EDI 
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p e-mails, web browsers, 


[: | web page authoring 


Figure 1.9 Components of OAS 


Transaction Processing System 


A transaction is a business activity (like deposit, payment, order, or reservation). Correspondingly, TPS 
is an information system that is specifically designed to capture and process data generated in an organi- 
zation, during its day-to-day transactions. It is basically used by clerical staff, front-office personnel, and 
other employees working at the lowest level of the pyramid to perform the following transactions online. 


* Record information regarding a student during his registration, an order placed by the customer, 


payment details of a client, and the like. 


* Confirm an action or send a response to inquiries, issue receipts of payments, send a thank-you mail 


to customers, and so on. 
* Collect customers' feedback. 
* Generate employees’ paycheck. 
* Add, update, and delete existing data. 
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Management Information System 


While TPS is best suited for routine transaction processing, 
business managers felt the need for an information system 
that could perform rapid calculations and data comparisons, Detailed SS 
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rmation that is beyond a normal condition (also called 
tive measures can be instantly taken. For 
i iness managers, so that correc ; r 
dition) and notify siu notifies the purchasing department of items whose stock is less 
pd are Thus items must be reordered at the earliest. Exception reports enable 
p viam qe they no longer have to go through the detailed report to identify exceptional 
ve their time, 


This filters data to identify info 


Exception repor t 


exception co” 
example, an 1 
than the spec! 
managers to sa A ; 
conditions. information system is used by business managers working at the middle level of the 

Management info ‚mooth running of the organization in the short- to medium-term. The highly 

amid in order to ee ned by MIS, enables managers to evaluate their organization’s perfor- 
structured Bra a output with the previous one. k , X 

by compa fi B ation system supports structured decisions. Besides action and detailed reports, 

Management ee reports. Examples of MIS include sales management system, inventory 
ms = human resource management system, budgeting systems, and the like. The en 
of these systems, however, is that they have little analytical capability. It also helps compare past valu 
with the present, but does not facilitate prediction of the future. 


mance, 


Decision Support System . ' 
Transaction processing system and MIS are very well suited for providing information to appropriate 


users on a regular basis. But senior managers need some other type of information to make some longer 
term decisions. For short-term decisions, MIS is enough, but for decisions regarding a longer period of 
time, say a year, an MIS is not the one we should look for. For example, a sales manager needs informa- 
tion to find out how high to set yearly sales quotas, based on increased sales and lowered product costs. 
A DSS provides information to support such decisions. 

In order to make vital decisions, DSS not only uses data from its internal information systems, but 
also makes use of data from external sources, like business magazines, surveys of competitors available 
on the Internet, interest rates, population trends, customer demographics, spending behavior of a group 
of customers, and so on. 

Decision support system makes full use of query language (discussed in Chapter 5), statistical analy- 

sis tools, spreadsheets, and graphics to analyse data, evaluate results, and identify and document factors 
affecting a decision. This could not only help the sales manager to estimate the expected sales volume at 
each price level with greater accuracy, but also enable him to ask what-if questions, by changing one or 
more of the factors (that could affect the sales) and view the projected results. 
Executive information system Executive information system is a special type of DSS, which is spe- 
cifically designed for the information needs of business executives. It makes use of charts and tables to 
represent information that could help executives view trends, ratios, and other statistics, predict future 
sales patterns, summarize current costs, and forecast sales revenues. 

Executive information system is basically used to make strategic decisions, and therefore, relies 
heavily on external sources of data like the Dow Jones news and the Internet, to retrieve information on 
interest rates, commodity prices, and other leading economic indicators. To store all the external as well 
as internal data, current as well as historical data, DSS and EIS use extremely large databases, called 
data warehouses (refer to Chapter 5). 

Data warehouses, along with EIS, help executives analyse data according to the entire business or at 
the individual department, region, or a particular store. For example, the executive of McDonald’s can 
view the daily sales, either in all the stores worldwide, or in a particular county, or in a particular city, 


or at a specific outlet. 
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ate of knowing and understanding that is stored ES 
ulated, to influence actions. Knowledge is obtained through the organization's data Warehouse 
tools, internal expertise, and networks of knowledge workers. 

All the discussed systems fall under KMS. We can also say that KMS extends the already 
systems by assimilating more information. Basically, KMS refers to a system that manages ka 
edge in an organization (in the form of documents, policies, procedures, expertise, and experien 
to support identification, creation, capture, evaluation, storage retrieval, sharing, and dissemina 
of information, as shown in Figure 1.11. It helps employees have ready access to the organa 
documented base of facts, sources of information, and solutions, as shown in Figure 1.11.1 on 
provides network maps of the organization, depicting the flow of communication between enti 
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Figure 1.11 Knowledge management system 
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Types of knowledge managed An effective KMS provides a variety of information, which includes 


the following. 
Experiences It collects information retrieved from people, who have already tackled a problem and 
found a solution. Therefore, KMS stores information about successful strategies, and also the best prac- 
tices to solve a particular problem. 
Expertise location It stores a network map that informs the users about where to locate for an expert 
or expert information. 
Communities of practice It enables groups of individuals to discuss their problems, opportunities, les- 
sons learned, and other information gained from users. 
Feedback An organization can collect feedback from customers and employees and share it with their 
research and development (R&D) departments, so that an integrated approach can be taken to under- 
stand the shared information and produce better products and services. For example, a company devel- 
oping a new product may conduct research on their competitors and ask the R&D team to identify the 
ingredient needed in their product. The R&D team can find out from the KMS team the assets and 
processes the company has in place, which can be used to meet the sales potential, meet customer needs, 
and fill gaps within the marketplace. 
Share project files An employee team can work collaboratively on a project. They can share their files 
and information to allow everyone in the team to upload and comment on the work performed by 


others. 


Knowledge management system is widely implemented in firms of lawyers and for those 
working with accounting and management consultancy. 


Advantages Knowledge management system can be associated with open source software, and open 
standards, open protocols and open knowledge licenses, and initiatives and policies. Its advantages 


include the following: 


* Improved performance 

* Competitive advantage 

* Innovation, which gives a cutting edge to perform better than one's competitors 

* Integrating and sharing of knowledge 

* Solving problems faster 

* Developing professional skills 

* Orientation and training of new employees 

Support of better sales, by helping business users make critical decisions in a better and informed 
manner 


* Creation of knowledge directories 
* Avoidance of re-inventing the wheel, thereby reducing redundant work 


* Retention of intellectual property, even after the employee leaves the organization 
* Service as central repository, to retain information in a standard format 
* Ensuring of consistent and speedy responses to user queries 
Many large organizations are reaping the benefits of KMS. These days, even small businesses are imple- 


menting it. 
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lelps | Multiple-choice Questions 
a 1. Collection of raw facts or figures is 9. BDPcannotbeusedfor — 
Í 2 (a) accounting 
a (a) data (c) knowledge (b) " 
ta (b) information (c) ird ROAST 


l 
3 2. Processed data is known as A (d) none of these 
(a) input (c) knowledge 10. Microsoft Money and QuickBooks are 


(b) information (d) output examples of software. 
3. The ‘how’ part of a question is answered by (a) accounting and payroll 
(b) only payroll 
(c) inventory management 
(d) only accounting 
11. Inventory management can be done on 
software. 


(a) data (c) knowledge 
(b) information 
4. Information should be P 


(a) economical (c) both of these A 
(b) relevant (d) only (b) (a) Microsoft Word (c) Open Office Calc 
(b) Microsoft Excel (d) (b) and (c) 


5. If the employee works hard and is skilled 


with the latest technology, then his promotion 12. QuickBooks is a software used for : 


is guaranteed. Which of the following best (a) accounting (c) book keeping 
describes this statement? (b) payroll (d) all of these 
(a) data (c) knowledge 13. Flipkart, Snapdeal, Amazon are 

websites. 


(b) information 

6. Monthly salary of a parliament member is an 
example of____ 
(a) data 
(b) information 

7. means performing operations 

in order to convert business data into useful 
information. 
(a) Business data processing 
(b) Built-in data process 


(a) online shopping (c) email 
(b) social networking (d) search engine 
(c) knowledge 14. Online marketing is donethrough — ^. 
(a) email (c) both (a) and (b) 
(b) Google AdWords (d) none of these 
15. — wasthe bank which first started 
mobile face-to-face banking. 
(a) ICICI (c) Indus Ind 
(b) HDFC (d) SBI 


(c) Business digital processing 16. CRM stands for 
8. software is widely used by 

businesses to analyse and summarize data and 

draw charts. 

(a) Word processing (c) Database 

(b) Spreadsheet (d) Presentation 


(a) call record management 

(b) customer record management 

(c) customer relationship management 
(d) all of these 


(d) None ofthese 
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(c) nearshore outsourcing 30. At which level of information system do senig 
(d) onshore outsourcing managers work? 
21. In which type of outsourcing payroll, are (a) EIS (c) TPS 
billing and HR outsourced? (b) DSS (d) KMS 
(a) Internal outsourcing 31. At which level óf information system are 
d curis hai a operational decisions taken? 
y EIS 
(d) Back-office outsourcing E DSS a a 
22. In which type of outsourcing is customer 32. Whi hated 
service outsourced? i ich of the following is not a part of OAS? 
(a) Internal outsourcing (a) EDI (c) Hardware 
(b) Voice email (d) Office building 


(b) External outsourcing 
(c) Front-office outsourcing 
(d) Back-office outsourcing 


33. Electronic data interchange is a type of 


23. Which of these is not a valid reason for (a) hardware (c) technology 
apiid (b) software (d) none of these 
o) ro AF : 34. At which level of information system is 
(c) Both ML collecting customers' feedback done? 
(d) None of these p EIS (c) TPS 
24. Equity research i DSS (d) KMS 
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" (b) BDP P s UR types of reports generated? 
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prr EE E NN 
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(b) Increased complexities 36. In which type of report is aggregated data 
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(a) Detailed (c) Exception 
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(b Summarized (d) All of these 40. At which level of information system is 
37. In which type of report is filtered data used to what-if analysis done? 
take corrective measures available? (a) MIS (e) Els 
(a) Detailed (c) Exception (b) DSS (d) Both (b) and (c) 
(b) Summarized (d) All of these 41. Experience, feedback, sharing of project files 
38. Which type of system has the least analytical are features of which type of information 
capability? system? 
(a) MIS (c) EIS (a) MIS (c) OIS 
(b) DSS (d) KMS (b) DSS (d) KMS 
39. At which level of IS is data from internal 42. Open source software can be associated with 
sources as well as external sources analysed? which type of information system? 
(a) MIS (c) OIS (a) MIS (c) OIS 
(b) DSS (d) TPS (b) DSS (d) KMS 
| peur Ing 7 = Fe 
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| 1 (a) 2b 3. () 4 () 5 () 6. (a) 7. (a) 8. (b 9. (d) 10. (a) | 
B (d) 12. (d) 13. (a) 14. (c) 15. (c) 16. (c) 17. (c) 18. (a) 19. (a) 20. (d) 
21. (d) 22. (c) 23. (d) 24. (c) 25. (c) 26. (d) 27. (d) 28. (d) 29. (c) 30. (b) 
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2.1 INTRODUCTION 


Today, most applications collect a huge amount of data. Across workplaces, a lot of data is collected in 
one form or the other. For example, when we take admission in a college, we provide data in the form 
of our name, address, phone number, course in which to seek admission, aggregate of marks obtained in 
the last examination, and so on. If we go to a bank to get an account opened, we are always required to 
provide a lot of data. All this information was traditionally stored on paper but handling these documents 
had never been easy. 
d un re on. > pe enormous amounts of data. Therefore, in 
efficiently analyse the data collected from different sources, it has become a necessi 
the data in computers in the form of a file. dd ii 
a en 
(0) 1 1 . . 
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2.2 DATA ORGANIZATION 
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+ A record is a collection of related data fields and is seen as a single unit from the application poi 
of view. For example, a student's record may contain data fields such as the name of the student, 


address, phone number, roll number and marks obtained, and so on. 
+ A file is a collection of related records. For example, if there are 60 students in a class, then there 


will be 60 records of the students. All these related records are stored in a student's file. Similart 

we can have a file of all employees a Y 
working in an organization, a file of all 
the customers of a company, a file of all 


the suppliers, and so on. 

+ A directory stores information of related 
files. A directory organizes information 
so that the user can find it easily. For 
example, consider Figure 2.1 that shows 
how multiple related files are stored in a Figure 2.1 Directory, file, and attributes 


student directory. 


2.3 DATA PROCESSING SYSTEM 


The most important factor of a transaction system is its availability. Here, availability is defined as the 
fraction of time a system is up and running for processing. In simple terms, we can say that a system is 
available if it is not down because of hardware or software failures, operator errors, preventative main- 


tenance, power failures, etc. 
We can categorize data processing system with respect to the expected availability of the system. For 


example, a transaction processing system (TPS) installed at an airline reservation counter needs to be 
available 24 x 7, but the TPS in a data entry operator who works from 9 am to 5 pm needs to be available 
only during the office hours. Therefore, based on how computers are being used for processing data and 
their availability required, we can have different types of data processing systems. 


2.3.1 Batch Processing System 
A batch is a set of requests that are processed together, often long after the requests were submit- 


ted. A batch can take minutes, hours, or even days to execute. Correspondingly, in batch processing 
or transactions to be performed by the computer are submitted to the com- 
tained after some time. These types of systems were popular in the 1960s 
they are used in TPS to execute the batches after office hours. A batch 


batch as a sequence of transactions, one transaction at a time. 
ay after the close of financial 


nthly basis, and calculating 


systems, requests, jobs, 
puter and the results are ob 
and the 1970s. Even today, 
processing system would execute each 
For example, the value of a stock market portfolio can be calculated a d 


markets on all Saturdays, calculating telephone bill for customers on a mo 


tax annually. 


“The main advantage of batch processing systems is their throughput—the amount of work | 
| performed per unit of time. They are applicable where quick response time Is not desirable. | 


Batch processing is usually used in systems that need to process a large amount of data in a specific 
r. Data is collected during the working hours 


way without user intervention in an automated manne 
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Online data processing i 
data enters the system or c 
out any delay. Unlike batch processing 
period of time. For ge x a ur : 
le reader reads the barcode, 
uns the product from available inventory. un 
tory records are collected over a period of time—say over 
updated after a week. ; m 
Some other examples of online processing include airline, 
ellers would like to know whether a seat is immediately available 
ing, the number of available seats must immediately get deducte 
machines, which allow account holders to withdraw the required money. 


that uses online processing. i 3 J 
As these processes require users to supply input and system to immediately process it, online process- 


ing is also called interactive processing. 


bus, or railway reservation in which trav- 
or not. In case they make the book- 
d. Another example is that of ATM 
Game playing is also a field 


Eg Online processing is faster and is used for processing continuous data. 


2.3.3 Real-time Processing 


In real-time processing, which is a subset of online processing, users 
submit requests to perform some transaction(s) that must be com- 
) pleted before the specified deadline (which is usually very near). 
Generally, real-time processing systems are used for collecting data 
from a satellite or from an instrument that continuously generates 
data. If they lose some input, they ignore the loss and keep on run- 
ning. Users working with real-time systems expect a response in one 
or two seconds. The major advantage of real-time processing is that 
it automatically takes data from sensors and processes it without user 
intervention. Moreover, whenever a rapid reaction is required due to 
some sort of change, it immediately takes the necessary action. 


" Figure 2.2 Centralized 
2.3.4 Serial Processing processing 


in which transactions occur. It is a lied i 
ae pplied in systems where onè transaction must be completed before 
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2.3.5 Centralized Processing 
A central computer is a large computer that manages the resources of an organization and shares it with 
other computers in the system. Correspondingly, in centralized data processing, all data processing 
operations and calculations are performed by the central computer and different terminals or computers 
are connected to the central computer for sending requests and receiving outputs as shown in Figure 2.2. 
Besides performing data processing operations, the central computer also manages the central data 
storage unit that stores the data needed by all the applications. The system administrator plays a vital 
role in centralized processing as he is responsible for authorizing user access, supporting users opera- 
tions, and security of the system, thereby providing centralized control. Centralized systems are easy 
to manage and require less personnel costs. 
For example, an airline ticket reservation service is a centralized system in which a central computer 
serves computers on several reservation counters. The central computer stores data about all flights, 
schedules, and vacancies. While it processes all reservation requests, the computer terminals at the 


counters are responsible for sending requests and printing the ticket. 


All applications and data are mounted in the central computer, which is managed by a system 
administrator to provide a centralized control. 


2.3.6 Decentralized or Distributed Processing 


Nowadays, many organizations are moving from centralized processing to decentralized data processing 
(DDP). In this type of processing, relatively smaller computers located at different places in an organ- 
ization are connected to each other with or without a central authority. The computers at each location 
are responsible for satisfying the specific needs of local users. 

A popular phrase says, “Do not put all your eggs in the same basket”. DDP implements this concept 
and therefore, distributes data and applications among several small computers. This also ensures that any 
failure of hardware, software, or personnel has minimum effect on the overall functioning of the system. 

When a user requests for a service, the local computer is approached first. If the service can be pro- 
vided by it, users can get a quick response; otherwise, the request is transferred to another computer. 
The major advantages of DDP include efficient utilization of resources and effective implementation of 
security and privacy measures. An organization need not invest in extra infrastructure in one go. Rather, 
it has the flexibility for gradual growth in hardware and software. 

However, the downside of DDP is that it lacks standardization of data structures, resulting in prob- 
lems of incompatibility and duplication of data. Since data is available on different computers, it is 
difficult to update data and exercise control over it. 

A typical example of DDP is its use in banks where applications and data are split across different 
branches. Each branch processes data regarding its transactions and passes the summary information to 


the zonal office. 


2.4 FILE ORGANIZATION 


The particular organization most suitable for any application usually depends on factors such as the kind 
of external storage available, types of queries allowed, number of keys, mode of retrieval, and the mode 


of update. A . k 
e is a collection of related records. The main issue in file management is the 


We know that a fil issu € 
way in which the records are organized inside the file because organization of records heavily affects 
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term “organization of reco! 


. Here, by using the BOK 
uM : the organization 1S base: 


rds’, we mean the logical arrange- 
d on their ordering or the place- 
al layout of the file as stored 


ee rds in the file. For €: ample. 
nt of the records in the file. or ex ^ : ‘ 
“ve of related records close to each other in the file and not the physic 
torage media. : ue x bed a 
je ea an appropriate file organization is a design decision; heraa x dep rar! the 
priority of achieving good performance with respect to the most like y x prisa ER ^ tefore, 
the following considerations should be kept in mind before selecting an app! rganization 
method: 
« Rapid access to one or more records y : E 
. Ease of inserting, updating, or deleting one or more records without disrupting the speed of access- 
ing record(s) 
+ Efficient storage of records 
* Using redundancy to ensure data integrity 
ach other, it is the designer’s job to 


irements are in contrast with e 


d get an adequate solution to 
t access of data. 


Although one may find that these requ 
the problem at hand. For example, 


find a good compromise among them an 
ease of addition of records can be compromised to get fas 
The four fundamental file organization techniques are as follows: 

* Indexed sequential 
These file organization techniques basically differ from each other in the way they perform the 
physical ordering of the records in the storage and the set of operations necessary to find particular 


records. 
However, the most appropriate file organization depends on the operational characteristics of the 


storage medium. While some devices allow direct access to a particular record without accessing prior 
records stored on the device, others allow only sequential access to records. For example, while mag- 
netic disks are direct access storage devices, magnetic tapes are sequential storage devices. 


* Multi-key 


* Sequential * Relative 


2.4.1 Sequential Organization 
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Hence, wo seo that updating records necessitates the Beginning of file ——> 
creation of a new file thereby making it an expensive 
tion. However, to reduce the cost per update, all 
opera! s to data stored in a sequential file are batched, 
sorted in the order of the sequential file, and then used 
to te the file in a single pass. Such a file that con- 
tains the updates that have to be made to the sequential 
data file is known as the transaction file. 
When updating a sequential data file using a transac- 
tion file, records requiring no changes are copied directly 
to a new file or the new master file; records requiring one End of fi 
N A 2 of file —— 
or more changes are written into the new master file only 
after all necessary changes have been made. New records 
are inserted in the proper sequence in the new file and 
records to be deleted are simply not copied to the new 


master file. 
In sequential file organization, all records have the same size and the same field format, and every 


field has a fixed size. The records in the file are sorted based on the value of one field or a combination 
of two or more fields. This field is known as the key. Every key uniquely identifies the records in the 
file. Therefore, every record has a different value for the key field. Records can be sorted in ascending 
or descending order. 

Sequential files are usually used for report printing or sequential reads of large amount of data which 
some programs prefer to do. An example is the payroll processing of all the employees of the organiza- 
tion. Sequential files can be easily stored both on disk and tape. 

The processing of a sequential file is conceptually simple but inefficient for random access. However, if 
an application demands strictly sequential access to the data, then a sequential file is suitable. A sequential 
file could be stored on a sequential storage device like a magnetic tape. 

Table 2.1 summarizes the features, advantages, and disadvantages of sequential file organization. 


Record i+1 


Figure 2.3 Sequential file organization 


Table 2.1 Features, merits, and demerits of sequential file organization 


pl advantages 


+ Records are written in the order * It is simple and easy to * Records can be read only 
in which they were entered. handle. sequentially. If the ith record 

* Records are read and written * No extra overheads are has to be read, then all i — | 
sequentially. involved. records must be read. 

* Deleting or updating one or more * Sequential files can be * It does not support for 
records calls for replacing the stored on magnetic disks updating records in the same 
original file with a new file that as well as magnetic tapes. file. A new file has to be 

* It works well for batch- created and the original file 


contains the desired changes. 


| * Records have the same size and has to be replaced with the 


oriented applications. 


| the same field format. 
* Records are sorted on a key value. changes. 
| * Ie is usually used for report * lt cannot be used for 
Interactive applications. 


_ printing or sequentlal reads. 


| 


new file that contains desired | 
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Relative files can be used for both randai ee ds are simply read one number in RIT 


for sequential access. For sequential access, [member memory "| 
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np i n 
Relative files provide support for on uh d must take a value between >] 


record number. This key must be numeric ^ 5 
0 and the current highest relative record number —1. This means Enough E | 
space must be allocated for the file to contain records with relative en AE | 
numbers between 0 and the highest record number —1. For example, if the 4 Recd 


highest relative record number is 1,000, then space must be allocated to [| 


2.4.2 Relative File 
Relative file organization provides 


store 1,000 records in the file. * : : RESI a 
Figure 2.4 shows a schematic representation of a relative file which HA) 


has been allocated enough space to store 100 records. Although it has 99 Record 99 

space to accommodate 100 records, not all the locations are occupied. The 

locations marked free are yet to store records in them. Therefore, every 
location in the table either stores a record or is marked as FREE. 

Relative file organization provides random access of data by directly jumping to the record which has 

to be accessed. For example, if the records are of fixed length and we know that each record occupies 


20 bytes and the base address of the file is 1,000, then, any record i can be accessed using the following 
formula. 


Figure 2.4 Relative file 
organization 


Address of ith record = base_address + ( i - 1) * record_length 
Therefore, if we have to access the fifth record, then the address of the fifth record can be given as 
1000 + (5 - 1) x 20 
= 1000 + 80 
=1080 = 


Note that the base address of the file means, starting address of the file. We took i — 1 in the formula 


because, record numbers start from 0 rat 
record. Table 2.2 summarizes the features, 


Table 2.2 Relative file organization 


s than 1. Therefore, the fifth record is actually the fourth 
vantages, and disadvantages of relative file organization. 


-- - Disadvantages] E 
p des an effective Way — * Processing is eas 
to access individual records. à 


* Use of relative files 


| + The record numbe * If the relative record number of i à 
represents the ai ol the record that has to be accessed rei a 
the record relative to the is known, then the record can be j 


beginning of the file accessed instantaneously, 


ce ae 


| The records in a relative file 


are of fixed length. access to relative files fast. a fixed length. 
|. Relative files can be used for + It allows deletions and updates in + For random access of | 
| both random accesses of the same file. records, the relative 
| data as well as for sequential +» It provides random as well as record number must be 
| access. sequential access of records with known in advance. 
| * Every location in the table low overhead. 
| either stores a record oris + New records can be easily added 
| marked as FREE. in the free locations based on the | 


relative record number of the 
| record to be inserted, 
+ ltis well-suited for interactive 
applications, 


2.4.3 Indexed Sequential File Organization 


Random access of records makes 


* Records can be of only | 


Indexed sequential file organization stores data for fast retrieval. |Record number [Address of the record 


The records in an indexed sequential file are of fixed length. In 


1 765 


an indexed sequential file, every record is uniquely identified by 


a key field. We maintain a table known as index table or an index 


file that stores record number and the address of the record in 


the file. For every file, we have an index table. This type of file 


organization is called an indexed sequential file organization 


because the records may be stored anywhere physically but the 


index table stores address of those records. 


The ith entry in the index table points to the ith record of the 
file. Initially, when the file is created, each entry in the index 
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table contains NULL. When the ith record of the file is written, Figure 2.5 Indexed sequential file 
any free space is obtained from the free space manager and its organization 


address is stored in the ith location of the index table. Look at 
the Figure 2.5 which shows this scheme. 


If one has to read the fourth record, there is no acord number Painter to the reco al, 
need to access the first three records. The address 1 
of the fourth record can be obtained from the 2 Record 
index table and the record can be straightaway 5 E: Record 
read from the specified address (742, in our exam- 
ple). Conceptually, the index sequential file organ- 4 = 
ization can be visualized as shown in Figure 2.6. 2 NULL 

The indexed sequential file uses the concept E NULL 
of sequential files as well as that of relative files. 7 NULL 
While the index table is read sequentially to find 8 NULL 
the address of the desired record, a direct access 9 NULL 


is made to the address of the specified record in pi igure 2.6 
order to access it randomly. 


Indexed sequential file organization 
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ss of data, for example. Master file 


uential files perfo isum 
is made to the data. They can be stored only 0n devices that supP Poll applies 
magnetic di i , and 
on ils of the students as an indexed sequential file. The file cay es 
Example Suppose a college stores the details of the ie 
i the following ways: A " utput fil 
be accessed in any of the fo g tained by each student in a particular course be requires 
» Sequentially to print the aggregate maria ¡cular student which can 
- Randomly, for example, to modify the name of a partic : 
i d disadvantages of indexed sequential file organization Backup 
Table 2.3 summarizes the features, advantages, and dis: i because o 
Table 2.3 Indexed sequential file organization = 
AAA ES a] BEA 
|. It provides fast data retrieval. + Thekeyimprovementin — * Indexed sequential files - | ae — 
+ The records are of fixed length. is that the indexes are can be stored only on : 
+ Index table stores the address of the small and can be searched disks. ee 
records in the file. quickly, allowing the + Itneeds extra space | ‘or = 
| © The ith entry in the index table database to then access and overhead to store | ments 
points to the ich record of the file. only the records it needs. indices. | there is 
+ While the index table is read + It supports applications * Handling these files is particu 
| sequentially to find the address of that require both batch more complicated than | presen 
the desired record, a direct access is and interactive processing. handling sequential files. | 5 
made to the address of the specified * Records can be accessed * It supports only fixed | progre 
| record in order to access it randomly. sequentially as well as length records. 
| © Indexed sequential files perform well randomly. | 
in situations where sequential access * It updates the records in | 
as well as random access is made to the same file. | E 
the data. i rog 
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2.5 FILE-ORIENTED APPROACH 
When computers were first us i + nati Ap 
file. Ina llanos ee M i pplications, a related group of records were stored in a Dar 
processing, each department has its own files that are specifically hav 


in, = pen applications. Refer to Figure 2.7 in which there are three departments—academic, 
accounts, ibrary. Each of these departments maintains a student's personal details file in addition to 


th (ru : i 
ie ” en their own application. Therefore, each application has a separate master file 
personal files. The types of files maintained for each application include the following. 


aeg file A es temporary file which stores data to be 
I ocessed. Once the data is processed, it is permanentl 

in the master file. More speci an "ines 
a pecifically, the transaction file is us 

r ed 

posi = red "M For sia in a payroll application, 

transacti used to calculate the month; ; 

of each employee, and for that it wi i ee 
J j will contain data about numb 

of hours worked, overtime done, and other details about ^ 

hsc] ut each 


Academic Accounts Library 
department department department 
J | ] 
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Students’ personal Students’ personel Students personel 
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details and fees details and libra 
payment details transactions’ datas 


Figure 2.7 File-oriented approach 
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Maner T = qual file apo all data relevant data for an application. For example, in case of pay- 
= ampie sis re erh stores details of each employee such as name, address, pay 
* . trans: n file calculates th "s i 
MERE L em v cu month's salary of each employee and updates 
Output file When working with multipl i rogram 
t A iple programs for data processing, the output of one 
be required as an input of another program. Therefore, the first program stores its output Dan ouf mr 
which can then be used by other programs. PES 
Backup file It is a copy of the file which the 
5 E System keeps as a safety measure against loss of data 
because of inadvertent deletion. The original file can be restored from the backup file. 


2.6 DATABASE APPROACH 


A database is a collection of the related data organized in a way that allows users to easily access, update. 
and maintain the data. It stores non-redundant data that can be shared by different application systems. This 
means that only a single copy of data exists in the entire system. Non-redundancy ensures data consistency. 
For example, consider à scenario in which complete details of a student exist in files of three different depart- 
ments like one in the accounts department, second in the academic department, and third in the library. If 
there is a change in a student's address and he reports it only in the academic department, then only that 
particular department will have the right data. This correct data will conflict with other copies of data that are 


present in other departments. This is called inconsistent data which occurred due to redundancy of data or 
existence of same data at multiple locations. Figure 2.8 shows the 


database approach in which all the programs access a single copy 


of data in the database. 

Besides storing related data in an organized manner, a data- 
base also separates physical storage of data from application 
programs that access it. This is called data independence. In 
case of data independence, the programmer does not know the 
details of how the data is stored. These details are completely 


Figure 2.8 Database ach 
9 i Sppraac transparent to the users. 


Applications of Database System 
Database systems are widely used in almost all fields. Due to its numerous advantages, database systems 


have been successfully implemented for the following applications: 


They are used for ticket reservation of flights and trains. 

Airlines and railways use them for displaying the route and schedule of trains and flights. 

They are used in hospitals to store details of patients, their medical history, and other details. 

+ Financial institutions like banks use them for managing the records of customers, accounts, loans, 
and other transactions. Banks and other financial institutions also use databases to record purchases 


on credit cards for generating monthly bills. 
* They are used in schools and colleges to store information about students. 
In organizations, databases are used to maintain records of all employees, their salaries, perks, 


taxes, and for generating salary cheques. 
In telecommunication departments, databases are used to store information about the telephone 


numbers, record of calls, for generating monthly bills, etc. 
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+ Online shopping i i 
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Advantages of Database System PA d 
The advantages of using database to store data include the follo : ia UON ns 
+ ]t reduction data redundancy because databases are shared rather than g . iSt 
+ It minimizes data inconsistencies. ie 

+ It maintains data integrity and quality. N : ^ be di s 
* Information about e stored data including its meaning and interpretation can be saved in the data imi 
dictionary. tions that results į Se 
+ The database management system (DBMS) takes care of fundamental operat Sults in ha 


The file-oriented approach suffers from the following significant disadvantages. 


reduced cost of software development. 


; 1 ol access. 
The data stored is secured in a database as 1 s to control a 


t includes security tool 


+ Itis easy to search data by using keywords. a. D 

+ Data can be shared among multiple branches of the same organization. x 
Data can be used to analyse trends such as which product is most popular among customers. I 
p 

2.7 FILE-ORIENTED VS DATABASE-ORIENTED APPROACH c 
s 
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Data redundancy In a file-oriented approach, if a particular data is required by two different applica- 
tions, then it may be stored in two or more files. For example, in a college, the details of a student may be 
stored in the accounts department, academic department, and in the library. 


Program or data dependency The major drawback of the file-oriented approach of data processing is 
that programs are dependent on the files and files depend on data. Therefore, when there was a change 
in the physical format of the file, the program also had to be changed. For example, if a new data field 
has to be added in the master file, then all programs that access the master file will have to be changed. 


s pend Since the data and programs are strongly coupled, most information retrieval requests 
MR predetermined. Users will be allowed to generate only certain types of reports and execute only 
ited number of queries. Such systems are incapable of responding to un-anticipatory queries and 


some kind of investigative or trend analysis that has now beco; ess to survive 
E at h: i i 
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pata isolation Since data is scattered in different files in distinct departments and stored in different 
formats, writing new application programs to retrieve the appropriate data is difficult. 


Data integrity issues Data stored in files must satisfy certain types of consistency constraints. For 
example, the student cannot issue more than three books. Developers enforce these constraints by add- 
ing appropriate code in the application programs. However, when new constraints have to be added, it is 
difficult to change the programs to enforce them. The problem is even more complex when constraints 
involve several data items from different files. 
Data atomicity issues In case of a failure, data must be restored to the correct state that existed prior 
to the failure. It is difficult to accomplish this in the file oriented ‘system. For example, a user runs a 
to transfer 710,000 from his account to another account. While the money was transferred, the 
system failed. The money was deducted from his account but not credited to the other account resulting 
in an inconsistent database state. Therefore, the approach must either do it in entirety or not do it at all. 
Security issues Not every user should be able to access all the data. For example, a librarian should not 
be allowed to access the salary of the teachers. Enforcing security constraints in a file-oriented system 
is difficult. 
The disadvantages of using database to store data include the following. 
Larger file size To support complex applications and functionalities, the DBMS is a big program that 
occupies a substantial amount of space on disk as well as in the internal memory. 
Increased complexity A large number of complicated functions makes database processing a complex 
product. To efficiently work with databases, users must learn a lot to exploit it to its maximum potential. 
Greater impact of failure In database approach, several users share the same data; so, if the system 
storing the data fails, then a number of users will be affected. 
Difficulty in data recovery Recovering data in case of a catastrophe is not a trivial task. This is because 
several users may be trying to update a data simultaneously. If a catastrophe has occurred, the data is first 
restored to a prior state when it was last known to be correct. Then, any updates to the data since that 
time is redone. The more the number of users involved in updating the data, higher is the complexity of 


updating the database. 


2.8 CONCEPT OF DATABASE MANAGEMENT SYSTEM 


A database must store only successful transactions; a successful transaction has the property of ACID— 
atomic, consistent, isolated, and durable. These features can be explained as follows. 


Atomicity When a transaction is performed, either all or none of its operations must be completed. 
This means a transaction that is successfully completed must commit (make changes to the database 
permanent) and the one that failed should abort (undo or erases database changes). For example, if A 
does an online money transfer to B, the transaction comprises two main operations—deducting amount 
from A’s account and crediting B’s account with that amount. Either both these operations should be 


Performed or none. 

Consistency Each transaction must preserve the consistency of the database. This means that after the 
transaction is complete, the database should have the correct information. For example, if there were 
710,000 in A's account, then after paying 71,000 to B, the balance must be € 9,000 and no other figure. 
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‚ne. This is important to ensure that 
Isolation Each transaction must execute transaction at a time. This is called 


running a set of transactions is nnm 
the result w and is implemented by locking the table. For u dE bt rimi iis 
serializability d 23,000 has to be credited. Then, irrespective © OUR 
men e should be that at the end of both the transaction 
ie 
- 11,000 + 23,000). 
bee s that the committed transactions are 


Durability Durability mean: 


device. 
2.9 COMPONENTS OF DATABASE MANAGEMENT SYSTEM 


effective database system comprises four main 
bcd as iles Refer to Figure 2.9 Eu e (eus) 
Data The most crucial component of a database prog! 
is the data stored in it. Real-world applications 

demand storing and processing of large amount of Figure 2.9 Components of a data- 


data which are accessed by users through applica- base-oriented approach 
tion programs. There are two types of data that a à e . 
database stores—user’s data and metadata. While user data contains data to supports user s applica; 
tions, metadata, on the other hand, stores data about data. It describes the structure of the database ani 

includes information regarding number of tables and table names, number of fields and field names, 
primary key fields, types of pre-defined queries, etc. 

Hardware Hardware consists of the secondary storage devices on which the data is stored; input and 
output devices for receiving or giving data to users; and processor and main memory for processing 
the data in a fast and efficient manner. Since a database system can be either deployed on a desktop 
computer with a single user or on a mainframe computer to be shared among thousands of users, the 


hardware should be chosen to meet the database requirements. 
Software Software consists of the DBMS which acts as a bridge between the user and the database. 


The DBMS software interacts with the user's appli- Witas $ 


meemyes> 


permanently stored on a storage 


AS 


cation programs and database to insert, update, and 
delete, and retrieve data. A DBMS is responsible Leere. enioroes 
for maintaining the integrity and security of stored =I 
data, and for recovering information in case of sys- - 

Analysts 


tem failure. Some common examples of DBMS Manages: 
are MS ACCESS, SQL Server, Oracle, dBase, and 
FoxPro. 1 a 


Users Users are the people who access the data 
from the database to perform their primary business L 

responsibilities. The users may be clerical staff, man- Applications LI 
agers, executives, etc. Based on the job profile, these le 
users are either given full or partial access to the 
database data. Database users (refer to Figure 2.10) 
can be broadly classified into following categories: 


Figure 2.10 Database users 
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M N cation programmers An application programmer writes application programs to access, retrieve, 
fr eq | te, delete, or add new data to the database. These programs are written using a high level language 


er 


Om | preferably, SQL which is a fourth generation language. 
| ers End-users are those users who use the application programs developed by the application 
009 | End-us‘ 


lopers. They need not know about the database design, working, access mechanism, and other 
technical details of the database. Rather, they just use the underlying database to get their work done. 
End-users may be further categorized in two groups: 

+ Sophisticated end-users write their own queries to access and process the data stored in the database. 

+ Unsophisticated end-users interact with the system through an already written application program. 
They follow the instructions provided in the user interface to retrieve data from the database. For 
example, people working at railways reservation counters interact with the system through an already 
written application program. Another example of unsophisticated users is bank customers who use 
ATMs to draw money or check their balance. 

Database administrator A database administrator (DBA) makes strategic and policy decisions regarding 
the data. He provides technical support for implementing these decisions and is responsible for overall 
control of the system at the technical level. He monitors and performs all activities related to database 
design, implementation, maintenance, and security. Besides administering the database, he also trains 
employees in database management and use. 

System analyst System analysts identify end-users’ requirements, plan solutions, and recommend hard- 
ware and software that best meet business goals. They play a major role in database design by writing 
end-users’ requirements in a technical requirements definition document after conducting a technical and 
economical feasibility analysis of the identified requirements. 


2.10 DATABASE VIEWS 


A DBMS is a collection of interrelated data and a set of programs that enable multiple users to access, mod- 
ify, share, and process it simultaneously. The main concern of a DBMS is to help users to efficiently retrieve 
data from the database. While ensuring efficiency, however, database developers often end up in designing 
complex data structure for data representation. Since a database is also used by unsophisticated end-users, 
this complexity must be hidden from them. Moreover, in the last section, we have seen that there are differ- 
ent categories of users with different needs for data. Therefore, a big responsibility of the DBMS is to pro- 
vide users with an abstract view of the data to hide certain details of how the data is stored and maintained. 
The DBA enforces data abstraction in database systems by defining data views at three levels—logical 
view, external view, and internal or physical view. These views provide a threefold benefit. First, it pro- 
vides an abstract view of data. Second, it hides complexity from users. Third, it simplifies user interaction 
with the DBMS. These views can be discussed as follows. 
Physical level This is the lowest level of abstractions that focus on how data is actually stored—the physical 
arrangement and location of data in the direct access storage devices (DASDs). It describes low-level com- 
plex data structures in detail. Database specialists use these details to design efficient algorithms to access 
data and make efficient use of storage and processing resources. The internal data representation is of no use 
to the end-users as they are just interested in using the information rather than in understanding the technical 
details of physical storage. 
Logical level The logical view describes two things—first, what data is stored in database, and second, 
the relationships that exist among the data. It is the next higher level of abstraction that focuses on ease 
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level, Ever” cion which is the sum total icd al level is the highest level of abstrac. 


higher level of iex int laws of the external schema. The externi ws 
D in hides all complexities to deal TARE oS 
with the users view of the database and Me u 
Sm only to simplify user interaction View 1 s 
with system. Since all users and applica- ies 
tion rs do not require the entire User2 En gen 
€ td e wu User External level a 
level describes a part of the 5 
a particular group of users. It enables er 
customization of data according to user's - s ‘wal ra 
needs so that the same data can be seen Logical or internal 
by different users in different ways simul- | : 
taneously. Besides customization of data, 
the external level also ensures security by Physical level = 
nal 


hiding the parts of the database from cer- 
tain users. The interrelationship among Figure 2.11 


these three levels of abstraction is given 
in Figure 2.11. 


Interaction between different levels 


2.11 THREE-SCHEMA ARCHITECTURE 
A database schema is a layout of the database or a blueprint that outlines the manner in which the data 
is stored in the database. It describes the structure of a database in a formal language supported by 
the DBMS. For example, in a relational database (discussed in the next section), the schema defines 
the tables, its attributes or fields, and the relationships that exist between the fields and tables. Database 
schema is stored in a data dictionary or metadata in textual or in graphical format, 


B There may be multiple external schemas but there is only one logical and one physical schema. 


ERE fe the ane levels of abstraction, there are three levels of database schema. This is called 
-level schema architecture or simply three-sch i i 
tat ae ply three-schema architecture. In the architecture, the three lev- 


Physical schema The physical schema descri i 

s ribes the design of the database at the physical It 

paa as won level details that are hidden below the logical schema and P ma ie, 
structure of the database. The physical schema can be easily implemented without affecting the 


application programs that are using th i i 
ai ir g the data. This schema is managed by the operating system under the 


Logical schema Logi i 

er weh een ae the database design at the logical level. This schema is often 
t c rogrammers to develo icati i i 

most important schema in terms of its effect on application Fe cas re 
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External schema The external schema or the user’s views are given at the external level. It describes 
apart of the database as per the user’s requirements and hides the rest of the database from that user. 

In three-schema architecture, each user group has its own external view. When a user or a user group 
requests to generate a new external view, the DBMS transforms the request specified at the external 
Jevel into a request at the logical level, and then into a request at the physical level. When the user tries 
to access data from the database, the data must be first extracted and then presented in a format specified 
by the user. This process of transforming the requests and results between the three levels of schema 
architecture is called mapping. 

The three-schema architecture ensures data independence, which is the main advantage of using 
this architecture. Data independence is the ability to modify the database schema at one level without 
affecting or without changing the schema at the other levels. It is of two types—logical data independ- 
ence and physical data independence. 

Logical data independence is the ability to change the logical schema of the database without affect- 
ing its external schemas or application programs. The logical schema may be changed due to any of the 


following reasons: 


* Addition of new fields 

« Deletion of existing field(s) 
Physical data independence is the ability to change the internal schema without affecting the logical or exter- 
nal schema. An internal or the physical schema of the database may be changed due to the following reasons: 


* Adding or deleting indexes 


* Addition of constraints 
* Removal of constraints 


* Creating additional access structure 
* Changing the storage structure 


ES The physical schema is changed to improve the performance of the database system. 


Generally, physical data independence is easier to achieve than logical data independence. This is 
because application programs depend on the logical structure of the database. Therefore, if there is any 
the change in the logical structure of the database, some changes have to be made in the application 


programs too. 


2.12 DATABASE MODELS 

A model is a representation of reality that depicts real-world objects and their associations. A database 
model is, therefore, designed to provide the basic concepts and notations to enable application program- 
mers, database designers, and end-users to communicate their understanding of the organizational data 


unambiguously and accurately. It describes three aspects—the data, the relationships that exist between 
data, and the constraints on that data. For this, the database model comprises the following components: 


* A structural part that specifies rules for developing the database 
* A manipulative part, which defines the types of operations that can be performed on the data, 
including those that change or access data or change the structure of the database 
* Integrity rules to ensure that the data is accurate 
The purpose of a database model is to represent data and to make it understandable. Some commonly 


used database models are as follows. 


‚Applications In Business 


O emt nenn eet 


Model 
2.12.1 Hierarchical H f t N 
The hierarchical data model organizes data in a tree structure. It forms 4 pp ies ba iita bars EX 
data m ents. At the top is the root data element and bale it 2m nd so forth. The tree cani Ha 
i à i nts, 80 ON, x 
¿nato elements may have its own a mad ^» have a parent-child relationship in i 


4 l ts in th 
ple levels. The data e ves but a child data element has 0) 


which a Á 

there is a one-to-n mapping from the parent 

a hierarchical database of a college which * 

has postgraduate as well as undergraduate E 
Child data | fo 


Undergraduate students 


ts. 
Hierarchical database allows related 
records to be grouped together to form a 
child relationship. The parent data 
element collects information that is com- 
mon to all the child records of the same 
group. This helps in reducing data redun- Figure 2.12 Hierarchi 


dancy in the database. 


ical database 


as Te oa. AAT S 


The advantages of a hierarchical database are as follows: 
+ Many applications use a hierarchical database, for example, 
state by city, within city by zip code, etc. 


+ Its features lay the foundation for other data models. 
+ Since data access is quite predictable, data retrieval and update operations can be highly optimized 


by the DBMS. 


) Advantages 


census data organized by state, within 


Disadvantages 
The disadvantages of the hierarchical database are as follows: 


. It does not support flexible data access. 
. credit ie be mer only by following paths formed by branches of the tree structure, the 
igner must determine all i i ' 
P. types of relationships among data elements and map them 

It follows a complicated implementation pattern. 

+ It is difficult to manage. 
+ It lacks structural independence. 
+ It lacks standards. 


* It is difficult to ex i Am 
5 pand or modify th i 
pifias ify the database. Any change in the structure requires substantial 


pe E 
| The hierarchical data another through 

model consists of a set of rough | 

(inks. The link isan association between two e NE A N | 
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2.12.2 Network Model 
network model is a powerful yet complicated extension of the hierarchical database model. It has 


The 5 
the following features: 


+ Data is represented by a collection of records. 

+ Relationships among data are represented by links. 

+ Each record of a particular record type represents a node. 
However, in the network model, the nodes are not linked to each other in any hierarchy. While the hierar- 
chical model organizes data in a tree structure, the network model, on the other hand, organizes it in the 
form of graphs. This means that, in the network model, parent data element can have many child data 
elements and a child data element can have many parent data elements. Therefore, the network model 


supports many-to-many relationships in data. 
Figure 2.13 shows a network database. In the figure, subjects is the root data element. It has child data 
elements such as data warehousing, data structures, microprocessors, programming, and network. The 


child data elements have further child 
elements which are the courses in 
which the subjects are taught. As per 
the figure, data structures is taught in (mre (en mnn | 
BSc, B Tech, and BCA. The figure H =: 
— en 


exhibits many-to-many relationships 
among data elements. Note that M 


Tech has no parent data element. This 
means that none of the given subjects Figure 2.13 Network database 


are taught in M Tech. 


; 3 
ES In the network model, a child can have multiple parents. 
l 


Advantages 
The advantages of network model are as follows: 

+ It enables efficient and high-speed data retrieval. 

+ Itenables the database designer to incorporate more relationship types. 


+ It provides easy data access. 


Disadvantages 
The disadvantages of network model are as follows: 


* The database created using the network model has a complex structure. 
* Database designers, administrators, and programmers must have a good knowledge of the internal 


data structures to access the data. Therefore, the model is not very user friendly. 
* Itis difficult to modify the database structure because any change will require the application pro- 


grams to be modified before they can access data. 


tions in Business 


se) information Technology and its Applica 


i f 
Iris difficult to maintain all tho links; even a single broken link can be a big source of problems 
tdm there is no strict bound on the number of relationships that can exist, the database design 


become even moro complex. 


2.12.3 Relational Model 


The relational data model was developed by E.F. Codd n ed 
elements as in the case of hierarchical and network mode s. 
tionship that existed among those data are represented using tables, 
a table is a collection of data records where each re 
relational data model are as follows: 


+ A table consists of rows and columns. 

+ Each row stores a record. 

+ A record represents an entity. 

* Each row is unique. . 

+ Each column, also called field, represents an attribute of that entity. 
+ Each field has a unique name. 

+ A common attribute (and not physical links) is 
+ The sequence of rows and columns is insignificant. 


Figure 2.14 shows the relational model consisting of two tables. The first table stores the roll number, 
name, address, and phone number of the students. The second table stores the roll number, course, 
the ycar of admission. Note that these two tables have a common field —RNo. Now if there is a query 
like ‘In which course does Farhan study?” then the first table will be searched to obtain the roll m 
ber of Farhan. The roll number will then be used to search for a particular record in the second table. 
This means we are joining two tables based on a common attribute. The result of this query 
retum—BCA. 


used to maintain a relationship between two tables, 


[3 [Dinkar  |9818086420 | Jai singh road 
[4 | Fahan | 9910035791 Copernicus marg 
[5 [Hamman | oeoooso0s | Matros — 


Figuro 2.14 Relational model 


Advantages 
The advantages of relational model are as follows: 


+ Data model is simple to understand and use. 
* Data access is simpler than other models. 


* It is more programmer friendly and therefore i i 
, popular in both i i ios. 
* It provides flexible data organization. i URINE 


ua mede 
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+ Future enhancements to the database such as adding new table, row, field, and so on can be easily 


done. 
+ Relational model is close to the intuitive or logical model of real-life applications. 


Disadvantages 
Not all types of data can be represented using relational data model. Some examples of such data include 


multimedia, temporal, spatial, and unstructured data. 


2.12.4 Object-oriented Data Model 


The object-oriented paradigm can be applied to database technology to create an object- 
oriented data model. Such a model is a logical organization of the real-world objects or entities, con- 
straints on them, and relationships among objects. The object-oriented database overcomes the short- 
coming of relational, hierarchical, and network data models. This model can even store unstructured 
data such as images, audio, and video that can be used in complex applications. Some applications 
where they can be used are computer-aided design (CAD), computer-aided engineering (CAE), com- 
puter-aided manufacturing (CAM), computer-aided software engineering (CASE), expert systems, and 
multimedia systems. An object-oriented data model supports the following object-oriented concepts. 
Object A real-world entity is uniformly modelled as an object having a unique identity and used to 


select an object to retrieve. 
Attributes and methods Every object has a set of values for the attributes and methods which operate 


on the values of the object. 
Message Methods of an object can be accessed or invoked from outside the object by explicitly passing 


messages to it. 
Class It is a set of all the objects which share the same attributes and methods. An object must belong 


to only one class. 
Inheritance A new class can be created from an existing class in such a way that the inherited class 


inherits all the attributes and methods of the existing class and may have additional attributes and 


methods. 
The main advantage of the object-oriented data model is that it supports the development of a data- 


base application using an object-oriented programming language. This has made database implementa- 


tion more convenient and efficient. 


2.13 KEY TERMS 
To understand the building blocks of relational databases, let us first get familiar with certain key terms. 


Table Database is a collection of related tables. These tables are also known as relations. Therefore, 
databases that support the concept of relations are called relational databases. Each table is laid out in 
a tabular format consisting of rows and columns. While each row represents an entity or an object, col- 
umns are fields of the record. These fields represent the attributes of an entity. 


ES Rows are also known as tuples. 


[57g ) Information Technology and its App 


lications in Business 


igning databases, we need to first iden- 
subject areas for which a ase 
intained. These subject areas will becom’ 
ee of two types—one that has a physi- 
cal existence and the other that has a conceptual wine 
(Figure 2.15). While the former can be a particular perso! = 
car, house, or employee, the latter can be a company or 


Entities When des 
tify the entity or the 


e2.15 Types of entities 


Figur 


to record his roll number, name, 


course. 

For example, in a college’s database we can have a bases cai ic | 
course, class teacher, marks, address, phone e an e KRONER „ibuan This mono thas 
Attributes Any entity is described using certain properti ee ge 


attributes of a student are name, 
department, designation, manager, salary, eto, 
on the other hand, is an identified ele- 


an attribute is a property of the entity. For example, 

marks, etc. Similarly, attributes of an employee are name, de 
While an entity is a uniquely identifiable object, an attribute, 

ment within an entity. 

Keys When designing tables, we nee 

this purpose we use a key. : 
b. example, in your class, each student has a unique roll E n Viu ete S deni = 


name, they will have a different roll number, Similarly, when d : à 
be used as a key. This key value will be used to search a record from a large number of records efficiently in 


less time. There are different types of keys as follows. 
Candidate key A candidate key is a key that is eligible to become the primary key. For example, in a 
Student table with attributes such as ro11, no, name, phone, no, course, marks, and address, one possible 
candidate key is the ro11, no, and the second can be a combination of name and phone no. 
Therefore, we can say that a candidate key is an attribute or a combination of attributes that uniquely 
identifies an entity. Every table must have at least one candidate key although some tables can also have 


d some mechanism to uniquely identify a particular record. For 


two or more. 


Es 


Primary key A primary key is an attribute, 


A candidate key is a column or a combination of columns that satisfies all requirements of a) 
primary key and therefore has the potential to become a primary key. j 


key : Table/Relation—Student Attributes. Foreign Key 

or combination of attributes, that allows each mm y 

VE ME " iveral 7 Pone Mar [Added 

record to be identified uniquely. For example, AS EN oe | E 
if the Student table has attributes roll_no, CEC oe ieee cL LI 
university enrolmen Tule) — i 

E Be Ri name, course, Tom ABOD/BCA/003 4 |Farhan [9910035791 |Copemicus | CS-102 

, etc., oll no or univer- ABCD/MTECH/OOS [armar [o000800853 [wall Road 65108 
E ] 
sity enrolment no can be made the primary t Ba A 
. © i 
key. Note that either of them but not both can Nc arane the Atomate oy 
i Alternate Key 
be used as primary key as any one of them sat- er compost Key 
isfies the purpose. En 
Course ID. | Coi 
Alternate key If a table has more than one 0 lern RR 
" E CS-102 BC, 
candidate key, then one of them is chosen as cs | wah 
Table—Course details 


the primary key and all the other candidate 


Figure 2.16 Tables and keys 
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are called alternate keys of that table. This means that primary key is also a candidate 
Lid . if any, are called alternate keys. ird key and the 


For example, if we choose roll_no as the primary key, then university_enrolment_no and the com- 
| bination of name + phone_no are the alternate keys as shown in Figure 2.16. 


Composite key A composite key is a key made up of two or more attributes within a table to uniquely 
identify a record. For example, in the Student's table, the combination of name and phone_no forms a 
composite key. 


A —— -— = = asi 

| It is always recommended to choose a simple key as the primary key rather than choosing a 
composite Key 

Foreign key A foreign key is an attribute of a table that matches the primary key of another table. Such 

a key is specifically created to cross-reference tables. Foreign keys are used to restrict the domain of 

attribute(s) in the referencing relation and one or more records in the referencing relation can have the 

same value for the foreign key attribute. 


For example, in a Student table, course id is the foreign key. Course idis the primary key of the 
table—Course Details. The Student's table can have limited values; that is only those specified in 
Course Details. Therefore, they are restricting the domain of attributes. Although there is a unique 
course id in the Course Details table but in the Student table (referencing table), the course id may 
have same values. 


ES Foreign keys do not have a unique value in the referencing table. ) 


From tables given in Figure 2.16, it is clear that primary keys are used to define the relationships among 
the tables. When primary key of one table is used as an attribute in another table, it becomes a foreign key in 
the other table. Moreover, a table can have more than one foreign key. 

Referential integrity Foreign keys support the concept of referential integrity that ensures that rela- 
tionships between tables remain consistent. When one table has a foreign key, the concept of referential 
integrity states the following. 


+ A record in a table with a foreign key cannot be added until there is a corresponding record in the 
linked table. This means that if there is no course MCA with course_id 4 in the Course Details table, 
then no student in the Student table can have course_id as 4. 

+ A record in a table with a foreign key is deleted if the foreign key, that is, the primary key of 
the other table is deleted. This means if CS-101 is deleted from the Course Details table, then all 
rows in the Student table with same course_id are also deleted. This property is called cascading 
delete. 

* A record in a table with a foreign key is updated if the foreign key, that is, the primary key of the 
other table is changed. This means if CS-101 is updated to CS-111 in the Course Details table, it 
is still then all rows in Student table with same course idare also updated. This property is called 
cascading update. 


Data dictionary A data dictionary is a vital component of databases as it stores the metadata—data 
about data. Since it contains description of all the data stored in the database, it can be shared by several 
applications. Although a data dictionary is a crucial component, it is still invisible to the users and it 


from users ensures that its 


es mary 
Hiding one intenti 


Technology anu n 
y. 
ions. E i 
owing information about data: 


base administrators. À 
ipulated only by er or accessed yie s 
dat 


stores the structure ofthe 


tables and their attributes 


¡butes in the table 
field in the table se date of birth should be petween say 1914-2014 
utes—for example, e 


the table 


« Foreign keys 
. ns rights specifying who can use the database 
+ Source of data in the table data is altere 
+ Application programs that can use that data so that when the 
programs that can be affected is generated easily err BR, 
There are two types of data dictionaries—active data dictionary and en : p dpa 
ai data dictionary is automatically updated as changes occur 1n the data! ‚ap 
ary on the other hand must be manually updated. e 
Use of data dictionary The following are the uses of data dictionary: 
+ ]tis used by database designers, users, and administrators for getting useful in! 


| + It contains information about hardware and software. 
+ It maintains documentation on database design process. 
+ It contains information about data ownership. 
+ It stores information about relationships that exist among data. 
+ Database administrators use the data dictionary to control and maintain large databases. 
+ Database programmers use the data dictionary to develop programs and queries. They can also 
write procedures to manipulate data. 
+ It is used to maintain data integrity and accuracy. 
+ It allows users to know what data is available, in which format, and how it can be obtained. 


d, the list of application 


formation about data. 


2.14 RETRIEVING DATA THROUGH QUERIES 


Database users can easily retrieve data from the 
database using the structured query lan; 
guage Ph 

(SQL). The SELECT statement of the SQL allows 380967 
users to query or retrieve data from a table in the 
database. S query may retrieve data from one 
or more columns in the table. The syntax of the 
SQL SELECT statement can be given as follows: 


9891123456 


9818086420 


SELECT column_name(s) FROM table_name ur EIER abie 

where table_name is the name of the i 

| N table from which the da i 

includes the name(s) of the columns from which the data pe ers a a 
Consider the student table given in Figure 2.17. = 


f 
l 
| 


Re 
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To select the names of all the students the following query can be executed on the database. 


SELECT name FROM student; 
The output of the query can be given as follows: 


Anand 
ghaskar 
pinkar 
Farhan 


Harman 
To select the names and phone number of all the students, the following query can be executed on the 


database. 
SELECT name, phone-no FROM student; 


The output of the query can be given as follows: 


Anand 7838098765 
Bhaskar 9891123456 
Dinkar 9818086420 
Farhan 9910035791 
Harman 9999980654 
fic and relevant data from the table 


The SELECT statement can be extended further to retrieve only speci 
leaving the rest. For this, it must be used with the WHERE clause. For example, if we want to see all the 


details of a particular student then using only the SELECT statement will retrieve the details of all the 
ry and the complexity to find 


students in the class. This will increase the processing time for the que 
the particular records amongst the record of the entire class. Therefore, the WHERE clause can be used 
to restrict the data that has to be retrieved. The syntax of the SELECT statement in conjunction with the 


WHERE clause can be given as follows: 
The syntax fora WHERE clause with the SELECT statement is as follows: 


SELECT column_name(s) FROM table_name 
WHERE condition; 


the condition is used to filter the rows retrieved from the table and gives only the ones those are 


Here, 
e 2.17. The query to see the details of student with roll 


actually required. Considering the table in Figur 


number 5 can be given as follows: 
SELECT rno, name, phone-no, address FROM student 


WHERE rno=5 


2.15 DATA WAREHOUSE 


Data warehouse is an information delivery system that integrates and transforms an org; 
into information to make it suitable for making strategic decisions. For building a data warehouse, cur- 
rent and historical data are pulled from the organization's databases and from other external sources and 


anization’s data 


stored in the data warehouse. 


defines data warehouse as “a gu, 
data in support of management: 


A ather of data ware ^ 
W. H. Inmon, rightly called D. [and] time-variant co 


2.15.1 Subject-oriented Data met ticas ls 

transacti i ion on the day” : bal dem 
a f epum Poen depen concerned with the factors in the business enviro E d 
jon of the bus . 


that are driving those transactions vidual applicat 


jects. Fora retail store, sal h 
no application flavour. The data in a data eis 
involved in different types of transactions. For exi , 
system may also be a supplier appearing in = d pria syst 
the customer data. There is no single consolidate: view O à 3 
Considering the way in which the decision-maker uses the data, this structure is very cumbersome, Aj ak 
decision-makers are interested in subjects, to geta complete picture © 
to access many tables within many applications. Data warehouse, there " 
ect is contained within one table. 


Account application could bi i 
bytes long, but only six byte: : is 
; s long in the Figure 2. 5 
Checking Account application. e Figure 2.18 Data derived from transactional 
Therefore, databases 


one place so that the data for a particular subj Dat 
int 
2.15.2 Integrated Data val 
The warehouse, however, does more than = 
gathering data. It derives its data from the = 
transactional databases as shown in Figure Savings Checking > 
2.18. The integration process consists of ica = 
two tasks —data cleansing and data trans- ha 
formation. The origin of the data is invisi- - 
ble to the users. 5 
For proper decision-making, data in a 
the data warehouse is taken from various > 
applications in which data layout, charac- : 
ter code representation, and field naming 
conventions could be different. For exam- ; 
ple, the account number in the Savings ! 
[ 


, the data must be cleansed to 


cleansin, i 
8 process is faulty, the decision-maker does not trust e np E 


the data and the warehouse fails. 
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Table 2.4 Integration issues 


Customer Name 


‚rnational Business Machines 


2.15.3 Non-volatile Data 


Data from different systems are moved Data from the 
into the data warehouse at specific inter- operational systems ‘See 
vals. Di ding on busi E is loaded into the 
. Depending usiness require- data warehouse 
ments, these data movements take place Operational Data warehouse 
database 


twice a day, once a day, once a week, or 
once in two weeks. As shown in Figure 
2.19, business transactions do not update 

the data in the data warehouse. They Read Add Change Delete Read 
update only the transactional systems in 


real time. We add, change, or delete data 
from a transactional system as each transaction happens but do not usually update the data in the ware- 


house. Data is not deleted in the data warehouse in real-time. This means that once data is stored the 
data warehouse, it is permanently stored there and is not altered. Hence, it is called non-volatile storage. 


Figure 2.19  Non-volatility of data 


2.15.4 Time-variant Data 


For an operational system, the stored data contains 
day-to-day current operations. For example, inan ord 
status of the order. On the other hand, the data in th 
sion-making. If a user is looking at the buying pattern of a specific customer, 


about the current purchase, but on past purchases as well. 
A data warehouse, because of the very nature of its purpose, has to contain historical data and not just 


current values. Data is stored as snapshots over past and current periods. The time-variant nature of the 
data in a data warehouse (as shown in Figure 2.20) has the following features: 


the current values because these systems support 
ler entry system, the status of an order is the current 
e data warehouse is meant for analysis and deci- 
the user needs data not only 


* Allows for analysis of the past 
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+ Relates information to the present 
+ Enables forecasts for the future 
le concept, it involves 


Although a simpl: 


ing the data, storing the data, and 


+ Time horizon-current 
from 60-90 days 

* Key structure may/may ” 
not contain an element 
of time 


Figure 2.20 Time-variant data 
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ta extraction, loading the u 
rent functions —dat rag n 
ghe user interfaces, aS shown in Figure 
: + Time horizon-current 
as well as historical [^ 
5 to 10 years ; 
e Key stricture maymay E 
not contain an element Be 
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Ri Sophisticated snap t 
of data 


Data 
transformation 
Data 
functions such as warehouse 
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data extraction, 
cleansing, and 
aggregation 


Data warehouse user 
Data warehouse users 
comprises of executives, 
managers, and business 
analysts 


Figure 2.21 Data warehousing process 


Table 2.5 shows the various uses of a data warehouse system. 


Table 2.5 Uses of data warehouses 


Í Financia and banking 


== 


l Airlines 


| Matic 


| Government 


Customer loyalty and targeted marketing 
Risk management and fraud detection 
Route profi itability and promotional schemes 


Cost reduction and resource ale 


development, ; and cost control 


Manpower planning, 
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Table 2.6 summarizes the differences between the current operational system and the needed decision 


N support system. 
Table 2.6 Operational system vs decision support system 


o ug 


m/data 


| | Data content Current values Archived, summarized, derived | 
| Data structure Optimized for transactions Optimized for complex queries | 
| Access frequency High Medium to low à ] 
f eos ype Read, update, delete Read | 
| Response time Sub-seconds Several seconds to minutes | 
User number Large numbers Relatively small number | 
Characteristics Operational processing Informational processing 
Orientation Transaction Analysis 
Users Clerk, DBA, database Knowledge worker, e.g., 
professional manager executives, analysts | 
Fünction Day-to-day operations Long-term informational 
requirements, decision support 
Summarization Highly detailed Summarized 
Unit of work Short, simple transaction Complex query 
Number of records accessed Tens Millions | 
Database size 100 MB to GB 100 GB to TB | 


2.16 DATA MINING 


Data mining refers to using a variety of techniques to identify nuggets of information or decision-mak- 
ing knowledge in the databases and extracting these in such a way that they can be put to use in areas 
such as decision support, prediction, forecasting, and estimation. The data is often voluminous, but it 
has low value and no direct use can be made of it. It is the hidden information that is useful. 

As an analogy, imagine a very wide and very deep pit densely packed with some important material. 
You use a set of sophisticated drilling tools to dig and unravel the contents. You do not know what exactly 
you hope to get from your effort. Nothing may turn up, or you may be fortunate to find some real gold 
nuggets. You may discover this valuable treasure that you never knew was there in the first place. You 
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2.16.1 What can be Discovered? max 
The kinds of patterns that can be discovered depend upon the data mining tasks employed. By and m! 
large, there are two types of data mining tasks—descriptive data mining tasks that describe the general Out 
properties of the existing data, and predictive data mining tasks that attempt to do predictions based on] — ?!€ 
inference on available data. bet 
The data mining functionalities and the variety of knowledge they discover are briefly presented as dor 
follows. Ev 
Characterization Data characterization is a summarization of general features of Objects in a target z 
class and produces characteristic rules. The data relevant to a use; -specified class are normally retrieved the 


by a database query and run through a summarization module to extract the essence of the data at differ- 


ent levels of abstractions. For example, one may want to characteri i i 
, rize the video | mers who 
regularly rent more than 30 movies a year. od 
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| in a transaction when another item appears, is used to pinpoint association rules. Association 
appears is commonly used for market basket analysis. For example, it could be useful for the video 
De d manager to know what movies are often rented together. 


| Dsiücation Classification analysis or supervised classification is the organization of data in given 
classes. The classification uses given class labels to order the objects in the data collection. Classification 
es normally use a training set where all objects are already associated with known class labels. 
The classification algorithm learns from the training set and builds a model. The model is used to clas- 
sify new objects. For example, after starting a credit policy, the video library managers could analyse 
the customers" behaviour vis-à-vis their credit, and label the customers who received credits with three 
;ble labels—safe, risky, and very risky accordingly. The classification analysis would generate a 
k model that could be used to either accept or reject credit requests in the future. 
d Prediction Prediction has attracted considerable attention given the potential implications of successful 
ting in a business context. There are two major types of predictions—one can either try to predict 
some unavailable data values or pending trends, or predict a class label for some data. The latter is tied to 
classification. Once a classification model is built based on a training set, the class label of an object can 
; be foreseen based on the attribute values of the object and the attribute values of the classes. Prediction is, 
however, more often referred to the forecast of missing numerical values, or increase/ decrease trends in 


time related data. The major idea is to use a large number of past values to consider probable future values. 
Clustering Similar to classification, clustering is the organization of data in classes. However, unlike 


classification, in clustering, class labels are unknown and it is up to the clustering algorithm to discover 
acceptable classes. Clustering is also called unsupervised classification, because the classification is 
not dictated by given class labels. There are many clustering approaches all based on the principle of 
maximizing the similarity between objects in a same class (intra-class similarity) and minimizing the 
similarity between objects of different classes (inter-class similarity). 

Outlier analysis Outliers are data elements that cannot be grouped in a given class or cluster. They 
are also known as exceptions or surprises and are often very important to identify. While outliers can 
be considered noise and discarded in some applications, they can reveal important knowledge in other 
domains, and can thus be very significant and their analysis valuable. 


Evolution and deviation analysis Evolution and deviation analysis pertain to the study of time related 
data that changes in time. Evolution analysis models evolutionary trends in data. Deviation analysis, on 
the other hand, considers differences between measured values and expected values, and attempts to find 
the cause of the deviations from the anticipated values. 
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2.17 DATA MINING AND DATA WAREHOUSE 


Data mining fits well and plays a significant role in the data warehouse environment. A clean and com- 
plete data warehouse forms the bedrock for data mining and the data warehouse enables data mining 
Operations to take place. The two technologies support each other. The following are some factors of 
this relationship: 
« Data mining algorithms need large amounts of data, more so at the detailed level. Most data ware- 
houses contain data at the lowest level of granularity. 
* Data mining flourishes on integrated and cleansed data. If your ETL functions were carried out 
properly, your data warehouse contains such data, very suitable for data mining. 
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2.17.2 Applications of Data Mining 
There is a wide variety of applications benefitting from data mining. The technology encompasses a 
rich collection of techniques that cover a wide range of commercial and non-commercial applications. 
Non-commercial use of data mining is more pervasive in the research area. In oil exploration and 
research, data mining techniques discover locations suitable for drilling, based on the availability of 
potential mineral and oil deposits. Similarly, pattern discovery and matching techniques have military 
applications in providing assistance to identify targets. Medical research is a field where data mining 
helps researchers in examining correlations between diseases and patient’s symptoms. Crime investiga- 
tion agencies use data mining to connect criminal profiles to crimes. In astronomy and cosmology, data 
mining helps to predict cosmic events. 
= Erin areas, data mining technology has widespread applications in the commercial arena. 
g is a list of applications of data mining across various areas in business. 
pas posar It is the most widely used application. Businesses use data mining to under- 
ers. Cluster detection algorithms discover clusters of customers sharing the same 


information. 


associated with potential customers. 
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d detection Credit card companies use data mining to discover abnormal spending patterns of 
Meet. Such patterns can expose fraudulent use of the cards. 
quency tracking Loan companies use the technology to track customers who are likely to default 
n ents. 
Demand prediction Retail and other businesses use data mining to match demand and supply trends to 
forecast demand for specific products. 
2.17.3 Benefits of Data Mining 
Data mining helps uncover the useful knowledge lying buried under mountains of data across compa- 
nies. Otherwise, the data would have never been discovered and the benefits from using the discovered 


patterns and relationships would have never been realized. 
In order to appreciate the enormous utility of data mining, let us enumerate the types of benefits of data 


mining actually realizable in real-world situations: 
* Ina manufacturing company, some employees of a department can be corrupted and there may be 
a variation between the purchase orders and the freight bills. Data mining detects criminal behaviour 
by uncovering patterns of orders and premature inventory reduction. 
* A company can improve sales of a product by sending direct promotional discounts to its customers 


through a targeted campaign. 
* A retail chain can improve its daily sales by rearranging the shelves based on discoveries of affini- 


ties of products that sell together. 

* Anairlines company can increase sales by discovering travelling patterns of frequent flyers. 

* An insurance company can save large amount of money by detecting fraudulent claims. 

* A manufacturer company can increase sales by forecasting sales of their products based on patterns 
discovered from the historical data stored in the data warehouse. 

* A banking corporation with investment and financial services can prevent loss by detecting early 


warning signs for attrition in its checking account business. 


2.17.4 Disadvantages of Data Mining 

Though data mining technology helps in decision-making that is beneficial for business growth, one can 
come across several disadvantages of data mining systems. These disadvantages include the following: 
Privacy issues With a rising number of people on social networking websites and increase in online 
shopping and other online activities, a large amount of data is being generated every day and stored 
for analysis. The companies are even collecting data whenever they have a new customer or when an 
existing customer buys a product. Just imagine, whenever a business is acquired by another company, 
all personal information it owns is then given to that company which may sell (or leak) this information. 
According to a news article, American Express had sold the details of the credit card purchases made 


by their customers. 

Security issues Security is a big issue. Businesses store a lot of information about their employees 

and customers. This information includes personal details such as PAN, ADHAAR number, credit card 
number, birthday, salary, and address. All this data must be kept very safely. We often hear about hackers 
accessing and stealing the data of customers from big corporations such as Ford Motor Credit Company, 
Sony, and recently even from Indian banks. Even the US presidential polls in the year 2016 were said 
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2.18 BIG DATA 
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data warehouses may not be able to handle the processing demands posed by sets of big 
Foret are updated frequently or even continually. This is especia ly important in the case of real-time 
dita on stock tradin ig or analysing the online activities of website visitors or the performance of mobile 
"Pr ig data analytics environments and technologies including Hadoop, MapReduce, and NoSQL data- 
bases can process huge data sets over clustered systems. 

Big data analysis techniques ues can analyse e largó data sets of size ranging from few terabytes m 

zettabytes. — — PESE ) 


2.18.1 History and Evolution of Big Data Analytics 
The history of big data analysis can be traced back to 1950s when people were not even aware of the 
term big data. In those days, people were analysing business numbers in a basic spreadsheet software to 


uncover insights and trends in the business. 
Later, businesses switched to data warehousing and data mining techniques to gather information, 


run analytics, and unearth information that could be used for future decisions. However, today busi- 
nesses have grown to an extent that they are seeking to identify insights for immediate decisions. The 
ability to work faster and stay agile gives organizations a competitive edge like never before. 


2.18.2 Benefits of Big Data 

Big data analytics helps organizations to harness their data and identify new opportunities. This leads 
to smarter business moves, more efficient operations, higher profits, and happier customers. Big data 
analysis helps business in the following ways: 

Cost reduction Big data technologies such as Hadoop and cloud-based analytics give significant cost 
advantages when it comes to storing large amounts of data. This data can be analysed to identify more 
efficient ways of doing business. 

Faster and better decision-making Because of the speed at which new data sources and types of data 
can be analysed, businesses are able to analyse information immediately and make decisions based on 


what they have learned. 
New products and services The ability to map customer needs and satisfaction through analytics gives 
customers what they exactly want. Therefore, businesses are using big data analysis techniques to meet 


customer needs. 
a 


ES | Big data analysts typically want che knowledge that comes from analysing the data, 


2.18.3 Applications of Big Data 


Researchers are using big data to do the following things: 
* Decode human DNA in minutes 
* Predict where terrorists plan to attack 
+ Determine which gene is most likely to cause certain diseases 
* Determine the ads a user is most likely to respond to on Facebook 
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. en processing, which is a subset of online 
processing, users submit requests to perform some 
transaction(s) that must be completed before the 
specified deadline (which is usually very near). 

* In centralized data processing, all data processing 
operations and calculations are performed by the 
central computer and different terminals (com- 
puters) are connected to the central computer for 
sending requests and receiving outputs. 

* In decentralized data processing (DDP), relatively 
smaller computers located at different places in an 
Organization are connected to each other with or 
without a central authority. 

* A sequentially organized file stores records in the 
order in which they were entered. 

g Relative file organization provides direct access to 
individual records, 
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from the database, 
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Alternate key If a table has more than one candidate 
then onc of them is chosen as the primary key 
and all the other candidate keys are called alternate 
key of that table 
Batch A set of requests that are processed together, 
often long after the requests were submitted 
Big Data analytics The process of collecting, 
izing, and analysing large sets of data (called 
Big Data) to discover patterns and other useful 
information 
Candidate key A key that is eligible to become the 
primary key 
Central computer A large computer that manages 
resources of an organization and shares it with other 
computers in the system 
Composite key A composite key is a key made up 
of two or more attributes within a table to uniquely 
identify a record 
Database A collection of related data organized in 
a way that allows users to easily access, update and 
maintain the data 
Database schema A layout of the database 
DBMS A collection of interrelated data and a set of 
programs that enables multiple users to access, mod- 
ify, share, and process it simultaneously 


Directory A collection of related files 
Field An elementary unit that stores a single fact 


Multiple-choice Questions . . 

1. Which of the following is an elementary unit 
that stores a single fact? 
(a) Field (c) File 
(b) Record (d) Directory 

2. A collection of related data fields is known as 
a š 
(a) data field (c) file 
(b) record (d) directory 


File A collection of records 


Foreign key An attribute of a table that matches the 
primary key of another table 


Index table A table that stores record number and 
the address of the record in the file 

Link An association between two or more records 
Logical data independence The ability to change 
the logical schema of the database without affecting 
its external schemas or application programs 
Mapping The process of transforming the requests 
and results between the three levels of schema 
architecture 

Metadata Data about data 


Physical data independence The ability to change 
the internal schema without affecting the logical or 


external schema 
Query The statement written to retrieve information 
Query language The part of the DML that retrieves 
the information from the database 
Record A collection of related data fields that is seen 
as a single unit from the application point of view 
Relational database A collection of related tables 
also known as relations. Therefore, databases that 
support the concept of relations are called relational 
databases 
Table A collection of data records where each record 
contains the same fields 


3. A collection of related records is known as a 


(a) file system (c) file 

(b) field (d) directory 
4. A directory stores information of 

related, " 

(a) fields (c) files 

(b) records (d) file systems 
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9. processing is best in cases where 
interactive communication is desirable. 


(a) Batch (c) Transactional 
(b) Online (d) Real-time 
10. Airline reservation system is an example of 
processing. 
(a) batch (c) transactional 
(b) online (d) real-time 
1. processing is a subset of online 
processing. 
(s) Batch (c) Transactional 
(b) Serial 


(d) Real-time 

12. Data is automatically taken from sensors and 
Processed without user intervention in 
Processing, 


^ = (c) transactional 
wee line (d) real-time 
* D processing, transactions are 
ons sequentially, 
Du P sería] 
a 1 d) real.ti 
14, Heeres utilization of resources aT ; 
lective implementation Of security and 
Privacy 8 is difficult in 
Processing, 


centralized (c) 
o decentralized (d) a 
15. Processing in bank branches mia t 
reservation are respectively Categori 
processing. a 
(a) centralized, decentralizeg 
(b) centralized, centralized 
(o) decentralized, decentralizeq 
(d) decentralized, centralized 
16. Which of the following is not a gi. 
organization technique? 
(a) Indexed (©) Parallel 
(b) Sequential (d) Relative 
17. — file organization Stores rep] 
the order in which they are entered, 
(a) Indexed (c) Multis 
(b) Sequential (d) Relative 
18. Deleting and updating records in which ky 
of file requires replacing an old file with ty 
new one? 
(a) Indexed 


(c) Multi-key 
(b) Sequential 


(d) Relative 

19. All records having the same size and them 
field format, and every field having a fixed 
is a characteristic of which file organizati 
(a) Indexed (c) Multi-key 
(b) Sequential (d) Relative 

20. In a sequential file, all records are sorted bs 


on the field. 
(a) name (c) key 
(b) ID (d) none of thes 


21. Payroll processing of all the employees of! 


organization can be done using a/an 
file, 


(a) indexed (c) multi-key 

(b) sequential (d) relative 
22. Af an______ file does not support? 

access, 

(a) indexed (0) mulie 

(b) sequential (d) relative 
23. Alan file does not support 


interactive applications. 
(8) indexed 


(b) seauentiat 


(e) muli? 
(A relative 


28. In the fil 
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(a) tran 
(b) ma 

29. Alan _ 
master | 
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30. In the 1 
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24. Alan file can be used for both 
random access of data as well as for sequential 
access. 

(a) indexed (c) both of these 
(b) relative (d) none of these 
25. The record number represents the location of 
the record relative to the beginning of the file 
in which type of file? 
(a) Indexed (c) Multi-key 
(b) Sequential (d) Relative 
26. A/an, file is well-suited for interactive 
applications. 
(a) indexed (c) multi-key 
(b) sequential (d) relative 
27. Records are of equal size in type of 
file organization. 
(a) indexed (c) relative 
(b) sequential (d) all of these 
28. In the file-oriented approach, the temporary 
file is also known as file. 
(a) transaction (c) backup 
(b) master (d) output 
29. A/an file is used to update the 
master file. 
(a) transaction (c) backup 
(b) master (d) output 
30. In the file-oriented approach, the file 
contains all data relevant for an application. 
(a) transaction (c) backup 
(b) master (d) output 
31. In case of data loss, the original file can be 
restored from the ______ file. 
(a) transaction (c) backup 
(b) master (d) output 
32. A is a collection of the related 


data organized in a way that allows users to 
easily access, update, and maintain the data. 


(a) field (c) file 

(b) record (d) database 
33. A database stores data. 

(a) organized (c) inconsistent 

(b) redundant (d) all of these 


34. Separating physical storage of data from 
application programs that access it means 


(a) organization 
(b) redundance 
(c) inconsistence 
(d) data independence 
35. The World Wide Web stores data. 


(a) textual (c) both (a) and (b) 
(b) multi-media (d) none of these 
36. Information about data in the database is 
stored in a š 
(a) file (c) data dictionary 
(b) directory (d) master file 
37. Data in a database is searched for using 
(a) words (c) fields 
(b) keywords (d) records 
38. Data accessibility is the easiest and most 
efficient in a 


(a) master file (c) output file 
(b) transaction file (d) database 

39. Data stored in files must satisfy certain types 
of consistency constraints. This ensures data 
(a) dependency (c) integrity 
(b) consistency (d) isolation 

40. Data must be restored to the correct state 
that existed prior to the failure. This ensures 


(a) atomicity (c) integrity 
(b) consistency (d) isolation 

41. Not every user should be able to access all the 
data. This ensures o 
(a) atomicity (c) integrity 
(b) consistency (d) security 

42. When a transaction is performed, either all or 
none of its operations must be completed. 


This ensures . 
(a) atomicity (c) integrity 
(b) consistency (d) security 


43. After the transaction is complete, the database 
should have the correct information. This 


ensures 
(a) atomicity (c) integrity 
(b) consistency (d) security 
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transactions are permanently 


bia ie device. This ensures 


stored on a storage 

(a) atomicity 

(b) consistency 
45. The result of runnin 


the same as running one 
This feature is ensured by the property © 
(a) isolati (c) integrity 
(b) consistency (d) durability 
46. Which of the following is not a database 
software? 
(a) MS Access (c) MS Excel 
(b) SQL Server (d) Oracle 
47. Application programs to access, retrieve, 
update, delete, or add new data to the database 


(c) integrity 
(d) durability 
ga set of transactions is 


transaction at a time. 
f data 


is written using which language? 
(a) C (c) SQL 
(b) CH (d) Java 
48. Technical details of databases may not be 
known by the " 
(a) end-users 


(b) application programmers 
(c) system analyst 
(d) DBA 
49. People working at railways reservation 
counters are an example of 
(a) sophisticated end-users 
(b) application programmers 
(c) unsophisticated end-users 
(d) DBA 
50. Who makes the strategic and policy decisions 
regarding the data? 
(a) End-users 
(b) Application programmers 
(c) System analyst 
(d) DBA 
51. Who provides technical support for 
en these decisions and is 
responsible for overall c. 
the lenia en ontrol of the system at 
(a) End-users 
(b) Application programmers 
(c) System analyst 
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(d) DBA 
52. Training employees in database manag 
and use is the work of the 1 ment 


(a) end-users 
(b) application programmers 


(c) system analyst 
(d) DBA 


monitor and perform 


53) n 
all activities related to database design, 


implementation, maintenance, and security, 


(a) End-users 
(b) Application programmers 


(c) System analysts 
(d) DBAs 


54. identify the end-users’ requirement 
and plan solutions. 
(a) End-users 
(b) Application programmers 
(c) System analysts 
(d) DBA 

55. — isacollection of interrelated data 
and a set of programs that enable multiple 


users to access, modify, share, and process it. 


(a) File (c) DBMS 
(b) Database (d) Directory 
56. There are levels of data view. 
(a) 1 (c) 3 
(b) 2 (d) 4 
57. Which of the following is not a type of data 
view? 
(a) Tabular (c) External 
(b) Internal (d) Physical 


58. Which data view focuses on how data is 
actually stored? 
(a) Tabular (c) External 
(b) Internal (d) Physical 
59, What data is stored in database and the 
relationships that exist among that data is 


specified by which view? 
(a) Logical (c) External 
(b) Internal (d) Physical 
60. End users are interested in which data view? 
(a) Logical (c) External 
(b) Internal (d) Physical 
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viow hides all complexities to 
a xx desi with tho user's view of the database, 
(c) External 
(d) Physical 
6 view enables customization of data 
according to user's needs. 
(c) External 
(d) Physical 
describes the structure of a 
database in a formal language supported by 
the DBMS. 
(a) View 
(b) Schema 
64. There can be 
J schema. 
(a) 1 
(b) 2 
65. There can be ____ 
physical schema. 
(a) 1 
(b) 2 
66. There are 


(c) Architecture 
(d) Template 
number of external 


(c) 3 
(d) any 
number of logical and 


(c) 3 
(d) any 
levels of database schema. 
(a) 1 (c) 3 
(b) 2 (d) any 
67. schema can be easily implemented 
without affecting the application programs that 
are using the data. 
(a) Logical (c) External 
(b) Internal (d) Physical 
68. — —  — schemais managed by the 
operating system under the direction of the 
DBMS. 
(a) Logical (c) External 
(b) Internal (d) Physical 
69. — schemaisoften used by the 
application developers and programmers to 
develop applications. 
(a) Logical (c) External 
(b) Internal (d) Physical 
70, schema describes a part of 
the database as per the user's requirements 
and hides the rest of the database from that 
user. 
(a) Logical 
(b) Internal 


(c) External 
(d) Physical 


71. In the threo-schema architecture, each user 


group has its own view. 
(a) logical (c) external 
(b) internal (d) physical 
72. DBMS transforms the requests from 
level. 


(a) external, physical, logical 
(b) external, logical, physical 
(c) physical, logical, external 
(d) external, logical, physical 
73. The three-schema architecture ensures data 


(a) isolation (c) independence 
(b) dependence (d) atomicity 
74. is the ability to modify the 
database schema at one level without affecting 
or changing the schema at the other levels. 
(a) Data isolation 
(b) Data dependence 
(c) Data independence 
(d) Data atomicity 
75. The logical schema may be changed due to 


(a) addition of fields 
(b) addition of constraints 
(c) deletion of constraints 
(d) all of these 
76. schema is changed to improve the 
performance of database. 
(a) Logical (c) External 
(b) Internal (d) Physical 
TR is the ability to change the 
internal schema without affecting the logical 
or external schema. 
(a) Data dependence 
(b) Physical data independence 
(c) Logical data independence 
(d) External data independence 
78. Physical schema of the database may be 
changed due to 
(a) changing storage ae 
(b) addition of indexes 
(c) deletion of indexes 
(d) all of these 
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Database ifies i ity rules 
= specifies integrity 
p and type of operations that can be performed. 
(a) model (c) schema 
(b) view (d) all of these 
that the data is 


80. Integrity rules ensure 


Tli (c) complete 
S pr (d) all of these 
81. data model organizes data ina 
tree structure. i 
(a) Network (c) Relational 


(b) Hierarchical (d) Object-oriented 
82. data model organizes data in a 

parent-child relationship. 

(a) Network (c) Relational 


(b) Hierarchical (d) Object-oriented 
83. A parent can have child/children in a 

hierarchical data model. 

(a) 1 (c) 3 

(b) 2 (d) n 


84. If data is organized by state, within state by 
city, within city by zip code, then which data 
model will best suit the scenario? 

(a) Network (c) Relational 
(b) Hierarchical (d) Object-oriented 
85. Data is represented by links in which data 


model(s)? 
(a) Network (c) Relational 
(b) Hierarchical (d) Both (b) and (c) 


86. Which data model stores data in the form of 


graphs? 
(a) Network (c) Relational 
(b) Hierarchical (d) Both (b) and (c) 
87. Child data element can have many parent data 
elements in which data model? 
(a) Network (c) Relational 


(b) Hierarchical 


(d) Both (b) and (c) 
88. In relational model, each 


i stores a 
(a) row (c) field 
(b) column (d) file 
89. In a relational database, each row represents a 
(a) attribute (c) enti 
(b) value ; 


(d) all of these 
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i i d? 
90. Which data model is easy to expan« 
(8) Network (c) Relational 
(b) Hierarchical (d) Both (b) and (c) 
91. Which type of data cannot be stored in a 


relational data model? . 

(a) Multimedia (c) Spatial 

(b) Temporal (d) Allof these 
92. Which data model is used for CAD/CAM 

applications? 

(a) Network (c) Relational 


(b) Hi erarchical (d) Object-oriented 


93. Which data model is used for expert and 
multimedia systems? 
(a) Network 
(b) Hierarchical 

94. A set of all the objects which share the same 
attributes and methods is called a/an 
(a) class (c) method 
(b) object (d) message 

95. In a relational data model, rows are known as 


(c) Relational 
(d) Object-oriented 


(a) tuple: (c) attributes 
(b) entities (d) table 

96. When designing a relation, an employee will 
be treated as a/an 


(a) attribute (c) relation 

(b) tuple (d) key 
97. An entity is described using a/an 

(a) attribute (c) relation 

(b) tuple (d) key 


98. Which key uniquely identifies a row? 
(a) Primary key (c) Alternate key 
(b) Candidate key (d) All of these 
E is an attribute or a combination of 
attributes that uniquely identifies an entity. 


99, 


(a) Primary key (c) Alternate kt 
à ey 
(b) Candidate key (d) All of these 
100. Every table must have at least candidate 
key. 
(a) 1 (c) 3 
(b) 2 a n 


101. If a table has more than one candidate key, 
then one of them is chosen as the primary key 
and all the others are called 


T keys. 
(a) primary (c) alternate 
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(b) candidate (d) composite 

102. Primary keyisalsoa —— key. 
(a) candidate (c) both (a) and (b) 
(b) alternate (d) none of these 


AS is a key made up of two or more 
attributes within a table to uniquely identify a 


record. 
(a) Primary key (c) Alternate key 
(b) Candidate key (d) Composite key 
104. is used to cross-reference tables. 
(a) Primary key (c) Alternate key 
(b) Foreign key (d) Composite key 
105. acts as primary key of another 
table. 


(a) Foreign key (c) Alternate key 
(b) Candidate key (d) Composite key 
106. integrity checks are made when 
records are added, deleted, or updated in the 
table having the foreign key. 
(a) Data (c) Referential 
(b) Relational (d) Hierarchical 
107. Name of table, attributes, primary key, foreign 
key, etc., are stored in a s 
(c) data dictionary 


(a) table 

(b) database (d) directory 
108. Data dictionary is shared by 

application(s). 

(a) 1 (c) 3 

(b) 2 (d) all 


109. Data dictionary is usually hidden from the 
users so that it is not by the users. 
(a) destroyed (c) accessed 
(b) modified (d) all of these 

110. Documentation on database design process 
and information about data ownership is stored 


in the 
(a) table (c) data dictionary 
(b) database (d) directory 

111. The statement of the SQL allows 


users to query or retrieve data from a table in 
the database. 
(a) select 
(b) query 


(c) retrieve 
(d) get 


112. To select only specific data from the table, we 


use the statement. 

(a) select — where (c) get- where 

(b) select — having (d) get— having 
113. is an information delivery 

system. 

(a) Table (c) File 

(b) Database (d) Data warehouse 


114. In a data warehouse, data is stored by 


(a) attributes (c) subjects 
(b) fields (d) applications 
115. In a transactional system, data is stored by 


(a) attributes (c) subjects 

(b) fields (d) applications 
116. Before storing data in the data warehouse, it 

must be 


(a) cleansed (c) filtered 

(b) transformed (d) both (a) and (b) 
117. Standardizing data means making the 

uniform. 

(a) field names (c) data layout 

(b) character code (d) all of these 
118. Business transactions do not update the data 

in the data warehouse means data in the data 

warehouse is ] 

(a) subject-oriented (c) time-variant 

(b) non-volatile (d) integrated 
119. Data in the data warehouse is meant for 

analysis and decision-making. This requires 

that the data should be 

(a) subject-oriented (c) time-variant 

(b) non-volatile (d) integrated 
120. Time variant data allow users to 

(a) analyse the past 

(b) forecast the future 

(c) relate information to the present 

(d) all of these 


121. Data warehouse stores data. 
(a) archived (c) transactional 
(b) current (d) highly detailed 


i 

^. 
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i iety of 
refers to using a variety ol ; 
i: techniques to identify nuggets of information 
in the database. T 
m Data warehousing (c) Data mining 
(b) SQL (d) IoT 
123. Data mining is a/an discovery 
ess. 
(a) data (c) knowledge 
(b) information (d) results 
124, Data means summarizing 


general features of objects in a target class. 
(a) characterization 
(b) discrimination 
(c) association analysis 
(d) prediction 
125. Data produces rules that are 
used to compare general features of objects 
between two classes. 
(a) characterization 
(b) discrimination 
(c) association analysis 
(d) prediction 
16._________ technique studies the frequent 
item set. 
(a) Characterization 
(b) Discrimination 
(c) Association analysis 
(d) Prediction 
127. organizes data in given classes. 
(a) Characterization (c) Classification 
(b) Discrimination (d) Prediction 
128. Forecast of missing numerical values is done 
using " 
(a) characterization (c) classification 
(b) discrimination (d) prediction 
129, is based on the principle of 
maximizing the similarity between objects in 
the same class and minimizing the similarity 


between objects of different classes. 
(a) Characterization (c) Classification 
(b) Clustering (d) Prediction 

130. is also known as unsupervised 
classification. 
(a) Characterization (c) Classification 
(b) Clustering (d) Prediction 


: the 
131. Outlier analysis finds out = 


(d) all ofthese 14 
data is called 


f trends in ge 
132. na cn (c) classification 


(b) deviation analysis (d) prediction 2 


f measured values 
tudy of differences between me: 
ee values is called. 


e S Rc (c) classification 


(b) deviation analysis (d) prediction 1 
134, Data mining is best applied on 
table 
(b) database 
(c) data warehouse 
(d) transactional systems 
135. Customer segmentation uses the 
technique. h 
(a) characterization (c) classification 
(b) clustering (d) prediction 
136. Market basket analysis uses 
technique. 
(a) characterization 
(b) discrimination 
(c) association analysis 
(d) prediction 
137. Risk management uses 
technique. 
(a) outlier analysis (c) classification 
(b) clustering. (d) prediction 
138. Which of the following is not a disadvantage 
of data mining? 
(a) Mining of information 
(b) Difficult to use 
(c) Privacy issues 
(d) None of these 
139, Delinquency tracking uses 


technique, 

(a) outlier analysis (c) classification 

(b) clustering (d) prediction 
140. is the process of collecting, 


Organizing, and analyzing large sets of data 
(called big data) to discover patterns and other 
useful information. 


(a) Data mining (c) Both (a) and (b) 144. Data warehouse can analyse 
(b) Big data analysis (d) None ofthese data. 
141. Big data can be obtained from ^ (a) megabytes (c) gigabytes 
(a) sensors (c) social media (b) terabytes (d) zettabytes 
(b) video/audio (d) all of these 145. Cloud based analytics is used in 
142. Hadoop is a tool for i (a) data warehousing 
(a) data warehousing (b) big data analysis 
(b) big data analysis (c) data mining 
(c) data mining (d) operational analysis 
(d) operational analysis 146. Identify the latest breakthrough in discovering 
143. Zettabytes of data is analysed using knowledge from data. 
AU IE RS (a) Data warehousing 
(a) data warehousing (b) Big data analysis 
(b) big data analysis (c) Data mining 
(c) data mining (d) Operational analysis 


(d) operational analysis 


Answers to Multiple-choice Questions 


| 1(à 2 (b 3 (c) 4 (c) 5 (a 6. (b 7. (a 8. (a 9. (b) 10. (b) 
| 
11.(d) 12. (d) 13. (b) 14. (b) 15. (d) 16. (c) 17. (b) 18. (b) 19. (b) 20. (c) 

| 21.(b) 22. (b) 23. (b) 24. (c) 25. (d) 26. (d) 27. (d) 28. (a) 29. (a) 30. (b) 
| 31.(c) 32. (d) 33. (a) 34. (d) 35. (c) 36. (c) 37. (b) 38. (d) 39. (c) 40. (a) 
| 41.(d) 42. (a) 43. (b) 44. (d) 45. (a) 46. (c) 47. (c) 48. (a) 49. (b) 50. (d) 
| 51.(d) 52. (d) 53. (d) 54. (c) 55. (c) 56. (c) 57. (a) 58. (d) 59. (a) 60. (c) 
| 61.(c) 62. (c) 63. (b) 64. (d) 65. (a) 66. (c) 67. (d) 68. (d) 69. (a) 70. (c) | 
| Ti.(c) 72. (b) 73. (c) 74. (c) 75. (d) 76. (d) 77. (b) 78. (d) 79. (a) 80. (a) | 
| 81.(b) 82. (b) 83. (d) 84. (b) 85. (d) 86. (a) 87. (a) 88. (a) 89. (c) 90. (c) | 

91.(d) 92. (d) 93. (d) 94. (a) 95. (a) 96. (c) 97. (a) 98. (a) 99. (b) 100. (a) | 
101.(c) 102. (a) 103. (d) 104. (b) 105. (a) 106. (c) 107. (c) 108. (d) 109. (d) 110. (c) | 
| 11.(a) 112. (a) 113. (d) 114. (c) 115. (d) 116. (d) 117. (d) 118. (b) 119. (c) 120. (d) | 
121.(a) 122. (c) 123. (c) 124. (a) 125. (b) 126. (c) 127. (c) 128. (d) 129. (d) 130. (d) | 

131. (d) 132. (a) 133. (b) 134. (c) 135. (b) 136. (c) 137. (a) 138. (d) 139. (a) 140. (c) 

| 141.(d) 142. (b) 143. (b) 144. (c) 145. (b) 146. (b) | 


Meaning of Internet, ; 
| protocols—TCP/IP, UDP, FTP, TELNET [brie! 

| XML [concepts only], ethical hacking, clo 
of things, ethical issues in social networking. 


3.1 INTRODUCTION 


The Internet is a global network t 
of networks. The Internet links different org: 


i i f users. 
home users to share information among a large group o: j 
© Fach computer on the Internet is called a host. To connect to the Internet, the user must gain access through 


a commercial Internet service provider (ISP). The Internet, sometimes known as the Net, allows the users to 


perform the following functions: 


+ Connect easily through ordinary personal computers (PCs) and local phone numbers to share a 


huge pool of information. 


+ Exchange emails with friends and colleagues as the email service has practically replaced the postal 


service for short written transactions and has 
tion on the Net. 

* Converse with other users on the Net where the 
or a combination of all of them. 


* Share important information in a timely manner. 


* Access multimedia information that includes sound, photographic images, and video 
* Browse for information on websites using a web browser. The most f ; 


Internet Explorer, Netscape Navigator, Opera, 


An additional feature of the Internet is that it lacks a 


ferent governing boards that work to establish policii 
and answers no single organization. 


3.1.1 History 


illi ters all ov 
k that connects billions of computers al! © 
: anizations, academic institutions, government Offices, and 


Module | 
Unit 3 


er the world. It is a network 


undoubtedly become the most widely used applica- 


conversation is text-based, voice-based, video-based, 


popular browsers are Microsoft 
Google Chrome, and Mozilla Firefox. 


central controlling authority. Although there are dif 
es and standards, the Internet is bound by a few rules 


created to interconnect co; 
; : mputers so tha : E 
'ommunicate with each other and i O that users in research organizatio® 


are information. 


I eae Pan 


Internet and its Applications 63 


However, it was in 1989 that the US government had lifted restrictions on the use of Internet and 
allowed it to be used for commercial purposes as well. Since then, the Internet has grown rapidly to 
me the world's largest network that connects thousands of networks, billions of computers, and 


hundreds of countries across the world. 


3.2 INTERNET SERVICES 
Today, the Internet has become a part of not only big organizations, universities, and offices but has also 
become the need of home users (like students) all over the world. In this era, life without the Internet 
has become unimaginable. Users access the Internet to avail services like email. In this section, we will 
read in detail about these services. 


3.2.1 Electronic Mail 


Electronic mail or email (Figure 3.1) refers to the 
means of transmission of messages electronically 
over communication networks. These messages may 
vary from notes entered from the keyboard to elec- 
tronic files stored on the disk. Companies that are 
fully computerized make extensive use of emails 
because it is fast, flexible, and reliable. 

Email is one of the most widely used services 
on the Internet. Anyone with an email account can 
send an electronic mail (like a letter) to any other 
person who also has an email account (provided the 
email address of the recipient is known). Usually, the 
structure of the email can be given as username@ 

Figure 3.1 Email 


domain name. 
For example, if a user has created an email account on Gmail, then the email address is username@ 


gmail.com where username is the Gmail screen name. 
Using an email is rather straightforward. If you have an email account, you can just click on the 


option that says something similar to Compose e-mail. Thereafter, you will be prompted to enter the 


following fields. 
To In this field, the email address of the recipient will be written. 
Subject In this field, you can type anything illustrating the content of the message. However, the length 


of this field is limited. 

Body In this field, the content of the message is written. Most email systems include a rudimentary text 
editor for composing messages but users may also edit messages using any other editor of their choice. 
CC and BCC Filling up these fields is optional. However, similar to the To field, the email address of the 
recipient is also entered in these. While CC stands for carbon copy, BCC, on the other hand, means blind 
carbon copy. When you wish to send the 
addresses in the CC: field, separating eac 
the email addresses in BCC are not revealed to 
Goransh and BCC: Radhika, then Radhika will see Goransh'5 email address, 


Radhika s email address. 


same email message to multiple recipients, add the extra email 
h address with a comma. BCC works just like CC, except that 


the other recipients. For example, if you send an email To: 
but Goransh will not see 
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tions 
E) information Technology and its APPICS 
ions enable users to add fi 
„These options i a 

are also options for attachments and forwards ) a message siccived e 
penati Lacs option is used to forward (make a copy. E from SOMegn, En 
pe "C iem. " i 

to Rem it to someone else. AA ches m Ae 
and essages are stored in electronic mailboxes as else, or reply to it. On v = y 
The ae receiver may save it, delete it, forar s S ironic f and easiet to ae 2 
B ti good alternative to the traditional appre no QUES nhe in ffice. n 

d and invo! 
there is no need to buy envelopes and stamps S 
3.2.2 File Transfer Protocol m CUPS - 
i dest application: ner Pia tor 

File transfer protocol (FTP) is lem i Ms vs " . is m ehe ae : a wi 
one computer to another like from detail | 
section 3.7.4. i 
sho 
3.2.3 Chatting ¿ce of the Internet that allows two or more online users to come| y, 
: : y 1 LI 
Internet chatting is a very popular service Chatting helps users to stay connected with concerned peo- = 


together to talk using an instant npa Un pi Though chatting can be fun and entertaining, users 


ple in business or family who live many mi d predators the 
i ures to avoid Internet stalkers and pre . A 

PER cU on the Internet, every user must have an account with a username and pass- = 
word to enter the website, Chatting involves the exchange of typed-in messages between a group of users 
who take part from anywhere on the Internet. The chatting program also enables users to arrange a private po 
chat between two parties who met initially in a group chat. , 2 ! 1 = 

Nowadays, even business organizations are using chatting services to host online business meetings, 
answer any queries of customers, or provide them with online support and assistance. Whether a busi- 
ness chat or a personal chat, it can be ongoing or scheduled for a particular duration. Most chats are 9 
focused on a particular topic of interest and some involve guest experts or celebrities to talk to other n 
online members who want to join the chat. b 
3.2.4 Internet Conferencing : 

E ae of the Internet has changed the way in which business houses arrange conferences. 

owadays, organizations are increasingly switching to Intern i 

involved in travelling and making telephone i ih : et conferencing to reduce the extra costs I 
» thereby resulting in better time management and] © 


enhanced productivity. 


Internet conferencing is quite similar to traditional 


tel n : / : 
Internet conference call, participants will sit at their ‘conferencing, The difference is that during 
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jive presentations, to host small-scale or large-scale seminars, to connect with technical support, and 
S on. The advantages of Internet conferencing are multiple and aid small and established businesses 
alike. 
3.2.5 Electronic Newspaper 
An online newspaper, also known as a web newspaper or an electronic newspaper, is a newspaper on the 
Internet, which is either published separately or as an online version of a printed periodical. 

with online newspapers, users can read the full coverage of breaking news in a timely manner. The 
redibility and strong brand recognition of well-established newspapers, close relationships they have 


ci " n 
rtisers, and savings in overhead costs have led to a shift from the traditional printing process 


with adve! 


to online coverage. 
Online newspapers are almost similar to the hard-copy newspapers and have the same legal bounda- 


ries such as laws regarding privacy and copyright issues. Moreover, news reporters are being taught to 
shoot videos and to write in the succinct manner necessary for news pages on the web. 


3.2.6 World Wide Web 


The technical definition of the World Wide Web (WWW) can be given as ‘all the resources and users on 
the Internet that are using the hypertext transfer protocol (HTTP)'. On the web, all the documents are 
formatted in a special markup language called hypertext markup language (HTML) that supports links 
to other documents, graphics, audio, and/or video files. This feature enables users to jump from one 
document to another simply by clicking on hot spots. You must have noted that when you position your 
cursor on a hotspot also known as hyperlink, the cursor changes to a hand-shaped figure. When you click 


on the hyperlink, you are taken to another part of the information. 
In simple terminology, the WWW is a part of the Internet that allows easy navigation through the use 


of GUIs and hypertext links between different addresses. 

The WWW was created in 1989 by Tim Berners-Lee. The Web, in simple terms, is the user part of the 
Internet. Novice or professional users make use of the Web to communicate and access information for 
business and recreational purposes. There are several applications called web browsers that make it easy 
to access the web. Some popular web browsers are Mozilla Firefox, Opera, Google Chrome, Netscape 
Navigator, and Microsoft's Internet Explorer. 

Many a time, we think that the Internet and the WWW are the same, but this notion is not correct. The 
Internet and the Web work together. While the Internet provides the underlying structure, the Web on the 
other hand, utilizes that structure to offer content, documents, multimedia, etc. For example, the Internet 
is like the highway, and the WWW is like a truck that uses that highway to get from one place to another. 


cing. On websites, certain words or phrases 


ES appear in text of a different colour than the rest; and are often underlined. When such words | 
the site or page that is relevant to this word | 


that can be clicked. 


3.2.7 Online Shopping 
Online shopping refers to buying goods and/or services from merchants who sell on the Internet. The 
Popularity of the World Wide Web gave an excellent opportunity to merchants to sell their products to 


jusiness 


and its Applications in B 


€) Information Technology 


isi x 
e Internet. Shoppers can now visit web stores 24 
sitting in their homes, offices, or even while travelling. e ranging from o EE 


i roducts from online store 
Consumers buy a variety of products DT. surance policies. l 
to hei pa shoppers. This is mainly because when a cusi 


i find a parking place, and walk throu; 
, he has to drive to the store, par olle ghoul 


e products that are needed. Even ntrast to this, online shopping is very 


7 as per their convenience 


convenient. With online shopping, 


the products. Onc 
ione md Pa dei se des ple still choose to avoid it. This 
een hae the experience of shopping In a mall. Moreover, 
they like to touch the merchandise, try on clothing, and be around other people. However, with online 
shopping, shoppers cannot touch the products or } 4 
Second, people fear that their credit card information W! 


provide credit card information when purchasing products online, 
tion may be susceptible to theft. 
Third, consumers often feel th: 
site's picture. The picture of an item may appear in a 
pletely different—perhaps of lesser quality. Many a time, it is also imj 


conducting online shopping. 


3.3 INTERNET PROTOCOL ADDRESS 


When you have to send a letter to your friend, you always mention the residence address of your friend 
so that it can reach her. This residence address is unique. If you want to talk to your friend, you need 
to dial her telephone number, which is again unique. Similarly, if you have to send a message over the 
Internet, you need some addressing mechanism so that the message can reach the correct destination. 
Internet protocol address or IP address is, therefore, a unique address allotted to computing devic 
nr gen he eain scanners, modems, smartphones, tablets, and so on that are oot: 
Zu ernet. This address facilitates unique identification of devices for communication t0 


at the products they purchase are not accurately portrayed in the web- 
particular way, but the actual item may look com. 
possible to try on apparel when 


Features 
The following are the features of IP address: 


+ An IP address is divided into four i 
: parts where each part i 
A Each part of the address contains a number ranging erg PRIOR UNUS 
i lei 79.121.10.190 is a valid IP address. i 
ithout IP addresses, sending and receiving data over the Internet would be impossible. 


3.3.1 Types of IP Addresses 


There are two categories of IP addresses—static or dynamic and public or private 


Static and 


atime, 
Many ™, valid for a 
. Similarly, 


p utomatically. The entire 


the users. 


Table 3.2 Differences between static and dynamic IP address 


address is permanent. 


[m IP 
ry computer retains its static address every time 
gos the inta me 


It is a reliable way to facilitate communication 


This address reveals technical information about 
the continent, country, and city in which the 
| computer is located. 


pm are limited static addresses. 


fi is allotted to devices that connect to the 
| Internet using a broadband connection. 


Email servers and other web servers must have a 
static IP address. 


E is preferable for applications such as voice over 
IP online gaming, and other applications that need 
to locate and connect to a particular computer 

on the Internet. 


. == 
| k is less safe and requires extra security 
mechanism. 


pos can configure his static IP address himself. 
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c Internet protocol addresses As the name suggests, static IP addresses never 
and dynamic IP addresses keep changing dynamically whenever users log on to the network. 
, dynamic IP addresses are issued using a leasing sy: 
limited time. When the lease expires, the computer automatically requests a new 
when there is an IP address conflict, a request for another IP address is sent to the ISP 
process of requesting IP addresses is automated and is therefore hidden from 


Table 3.2 shows the differences between static and dynamic IP addresses. 


stem. Therefore, the allocated IP address 


ynamic IPJaddress 


This IP address is temporary and changes 


every time it accesses the Internet. 


It is not a reliable way to facilitate communication 
between remote devices. 


Dynamic IP address does not reveal any such 
detail. 


It can support a large number of users who do | 
not require the same IP address always. j 


It is allotted to devices using a dial-up connection 
to connect to the Internet. 


It is not suitable for servers. 

| 
It is preferable for applications that work fine with | 
temporary and one-time IP addresses. | 
| 
| 


| 
Dynamic IP address is allotted by the ISP server. - 
This allocation is transparent from the user. 


It is safe to use. 


Public and private Internet protocol addresses Certain computers such as web servers and mail serv- 
ers need to maintain a unique global IP address that is registered with the network information centre 
(NIC) to avoid address conflicts. This address is publically known and used by users all over the world. 


Therefore, such an IP address is called public IP address. 
In striking contrast with public IP addresses, private IP addresses are allocated to devices that do not 


require public access. These devices are on the network but need to be uniquely identified only within an 
organization. For example, a network printer is assigned a private IP address to ensure that people from 
rest of the world are not able to connect with it. 
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NIC has addresses for p! 
ES pen to their devices that need not be ident 


EM ; 
3.4 DOMAIN NAME SYST m : | 
ENTE c fore, you Save all important phone numpe, 
When you want ber is just not possible. There "ur friend, instead of dialling his 10-4; 
rufis det names in your phonebook. scu de 
cell number, you just search for his name In e ndo E 
the name, your call is not connected based on name. 
pit ce have seen that every device has a unique T mae T conned 
Coming back to the Internet, we > sec karte de uec 
with a particular device you need to specify its address. How ae ne a ns | 


; www. 
For example, if we want to connect to de Epa % M question is the domain mah] 
IP address and how are we able to access the wel ? ponding DNS service tha 
to 74.125.224.72). Thi 


system (DNS). Similar to the phonebook service, the Internet has Be E 
translates domain names into www.google. 


IP addresses (for example, 
means that every time we use the Internet, we always use the DNS. 
The DNS system works as a ne! 


twork of DNS servers. As maintaining a central database of all th 
computers on the Internet along with their names and IP address is quite unpractical, the DNS dis. 
tributes the responsibility of storing domain 


i ing IP SSES 3 
names and their corresponding IP addre: man mcs | 
to authoritative name servers. These name It maps to this IP 
servers are responsible for the domain they (adress 70.42:251.42" 


support. The authoritative name servers may cK > 
even delegate authority to other sub-domain 

servers, Besides providing speedy mapping, 

this authority delegation process ensures dis- “Thanks for the 
tributed and fault-tolerant service to Internet ad. 
users. 

In such a networked DNS environment, if 
one DNS server does not know the IP address 
of a particular domain name, it asks another 
server for the same. The process is repeated 
until a proper match between IP address and 
domain name is found. This concept is shown 

in Figure 3.3. 


Figure 3.3 Working of DNS 


B DNS is a service that automatically converts domain names into IP add 
addresses. 


Points to Remember 
Here are some key points about DNS: 


* It assumes that IP addresses are assigned statically and will not chang: 
e. 


E E - 9, 2 
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+ It supports caching of requests. 

. ISPs maintain their own DNS servers to resolve name to IP address mapping. 

+ Since DNS translation causes additional overhead when accessing any website on the Internet, ISPs 
cache DNS mapping in their DNS server so that that can automatically direct subsequent requests 


to the appropriate IP address. 
Some commonly used domains are as follows: 


gov Government agencies com Commercial business 


edu Educational institutions net Network organizations 
org Non-profit organizations int International organizations 
mil Military 

Some country domains are as follows: 

ca Canada in India 

th Thailand us Unites States of America 
fr France uk United Kingdom 

jp Japan 


Other domain names include .museum (for museums), .info (informational websites), .name (personal 
websites), ‚pro (for professionals), .aero (for aeronautical companies), .coops (for co-operative organi- 
zations), jobs (for job posting), .mobl (for mobile communication networks), etc. 

Like our full names in which the general name or surname comes on the right and our specific name 
comes on the left, domain names are also organized from right to left, with general domains to the right, and 
specific domains to the left. For example, in the domain name www.google.com, there are three domain 
names, each separated by a dot. Here, .com is a general domain and google is a sub-domain, and www is 


a sub-domain prefix for the World Wide Web. 


3.5 UNIFORM/UNIVERSAL RESOURCE LOCATOR 


A uniform resource locator (URL) specifies the unique address for a file that is accessible on the Internet. 
It is provided by the user in the address bar. For example, when you type www.google.com, after pressing 
the Enter key, there is a long sequence of characters in the address bar. This is the URL. This means that to 
access any page on the Internet, we need to provide its URL. 

The file on the Internet that we want to access can be a web page, an audio file, video file, or image 
with extensions .htm, .php, .mp4, .avi, jpg, bmp, gif, .asp, .cgi, .xml, etc. 

The syntax for a URL is as follows: 

Protocol: //domain-name/path 

name of the protocol to be used to access the file resource. Commonly used 


telnet, news, gopher, mailto, etc. This field specifies how to connect. 
the website. This means that the domain field identifies where 


where protocol specifies the 
protocols are http, https, ftp, 
Domain name identifies the name of 


to connect. 
Path is a hierarchical description that indicates the location of the file. It indicates to the web server 


What to connect. 
google.com, http is the protocol, www.google.com is the 


For example, when we just write http://Www. toco 
domain name, and by default, the home page which is saved as index.htm is displayed to the user. Refer 


to Figure 3.4 which shows another sample URL. 
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rtp davescoT etters/20070918; 3. 6 
eo | ee 
World wide web je 
Domain name me 
Top level domain ee 
pri 
File name 
File extension Se 
Figure 3.4 Uniform resource locator l MEAN ar 
provi t/ABC.TXT, then http is use el " ee 
i RL as, hi ‚/Iwww.example.com/Studen‘ 3 n eig 
ERAB.TXT cis ruben ie stored in the computer on which the website www.ex: p. is 
i IP 
There are basically two types of URLs as shown in Figure 3.5. While an en ee in 
complete URL containing all three fields (protocol, domain, and path), relative S, v 
contain the one field which is the domain name. f 7 pl 
a. you must have observed a complex URL as the one given here, especially when you.log = 
in to your email account or search for a string on google. F 


j http://www.google.com/cgi-bin/search.cgi ?q=computer%20fundamentals 


Although it seems complex, it is actually very simple to interpret. In the query, http is in the protocol, 

www.google.com is the domain, and search.cgi is a file in the cgi-bin directory. Anything following the 
question mark (?) in a URL is a pair of variable(s) and its value(s). In the URL, q=computer%20funda- 
mentals means that q is a variable name, and computer%20fundamentals is the value of q. Since blank 
spaces are not allowed in a URL, blank space has been written as %20. Spaces can also be written as 
a +(plus) sign. In the query, the user is trying to search computer fundamentals on Google. 

These values are sent by the user's computer to Google's server. Google will find relevant pages and 
will display the result on the user's screen. Similarly, when 
we log in to our email account, we supply two values to 
the server—username and password. In such a situation, 


multiple variables are separated with an ampersand (8) 
sign as shown here: 


http://www.gmail.com/config/passwd. 
cgi?u=erree&p=s2ejmd3 


In the URL, there are two different variables—u with 
value erree and p with value s2ejmd3. 


Types of URLs 


Absolute URL Relative URL 


Figure 3.5 Types of URLs 


B | A domain name is not the same as URL because it is just a small part of the entire URL. 


3.6 INTERNET PROTOCOLS 


Each layer in th i i 
laye e open system interconnection (OSI) model supports one or more protocols to exchang® 


data between the source and destination machines. In this section, we will read about vi 
J 1 tal protocols 
form the backbone of data communication over computer networks 
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3.6.1 Internet Protocol 
«ho term ‘protocol’ means a set of rules that must be followed to facilitate communication among 
¡verse devices On the Internet. Internet protocol (IP) is basically a standard networking software which 
able you to interact with any computer in any country irrespective 


is pre-installed in your computer to en: 
ce and its manufacturer. This means that the same IP software is installed in a laptop, desktop, 


of the devi ^ 
printer, or any other device that needs to be connected with the Internet. 
sfer data over the Internet, all devices use the TCP/IP technology. This technology, in 


In order to tran: 
s protocols such as TCP, IP, FTP, simple mail transfer protocol (SMTP), and so on. 


turn, comprises variou: 
You may think of TCP/IP technology as a team of robot soldiers who are supposed to receive, handle, 


and transfer the data to the correct destination device. 

Currently, two versions of IP are being used—IPv4 and IPv6 where v stands for version. 

Ip version4 Currently, IPv4 is being widely used by most network devices. Itisa 32-bitnumber (in binary) 
andcan supportamaximumof. 2% or4.3billiondevicesonthe Internet. AddressesinIPv4 consistof32binary 
bits. The 32 bits are divided into four groups of eight bits where each group is separated by a dot. For exam- 
ple,21 6.27.61.137 is an IP address written in decimal notation for better readability and understandability. 


The same address, when written in binary, can be given as 1 1011000.00011011 1.00111101.10001001. 
Figure 3.6 illustrates another example of an IP address using IPv4. 
Although simple, the problem with version 4 is that as more and more devices are being added to the 


Internet every year, IPv4 addresses are getting exhausted. 
IP version 6 The newer version of IP is IPv6 and is slowly 


An IPv4 address (dotted-decimal notation) replacing IPv4. IPv6 is not more advanced than IPv4 but 
new features. Since an address in version 6 is 


172. 16 .254.1 5i 
T ir = 128-bits long, it can support 218 devices on the Internet 
y y y or approximately, 340, 282, 366, 920, 938, 463, 463, 374, 
10101100 . 00010000 . 11111110 . 00000001 607, 431, 768, 211, 456 devices. Due to their large size, 
the address in IPv6 is specified in hexadecimal separated 
by colons. For example, 1124:1:0:C:0:42:0:512C is a 
! valid IP address specified in version 6. Presently, IPv4 
and IPv6 addresses exist but soon IPv6 will take over 


version 4. 


5 F 
One byte = Eight bits 
E 


> 
Thirty-two bits (4 * 8), or 4 bytes 


Figure 3.6 IP address 


('IPv5 is an experimental protocol for Unix-based systems and was never released to be used | 
| by the general public. All odd-numbered versions are developed for experimental purposes. j 


Table 3.3 highlights the differences between two versions of the IP. 


Table3.3 Differences between IPv4 and IPv6 


Provides a 128-bit address — — 
Expressed in hexadecimal format 


Can support an infinitely large number of devices 


p— 


pP 


a 
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p ed with new features > 
m x = Technologically more advanced w! T features 7 
i = = i compatible More compatible for mobile networ 
= = = be sent 
Comparatively small-sized data can be sent Bigger-sized data can be 5 A m 24 
More secure than AA nn) 


| Comparatively less secure 77 


3.6.2 Transmission Control Protocol 


works at the transport lay: 


we P 3 
Transmission control protocol (TCP) ible for sendi 


protocol which works on the network layer and is responsi 
and receiver devices. The working of IP can be compared 
to address a letter and submit it to the postal system that ha: 
receiver. The main responsibility of the TCP is, therefore, to 
and the receiver so that reliable and error-free dal 
lished by TCP exists until both the devices 
Another important responsibility of TCP 


Figure 3.7. At the sender's site, TCP breaks the message into severa! 
site, TCP reassembles the fragmented data to form the compl 
same message may reach the receiver through different routes, 


ta transmission can t 
have finished their data transmission. 

is segmentation and reassembly as shown in 
| smaller segments and at the receiver; 
e. Since each data packet of the 
it may happen that packet 3 arrives before 


s no direct li 


lete messag 


er. It is used in conjunction with the Ip 
ng data packets between sender 
with the postal system which allows user 
ink between the sender and the 
establish a connection between the sender 
ake place. The connection estab. 


packet 1. Therefore, the TCP at the receiver's site rearranges the packet in the correct sequence and then 


assembles them to form the complete message. 


Figure 3.7 How TCP/IP works 


3.6.3 User Datagram Protocol 


Step 1 Step 2 
The TCP protocol The packets travel from Step 3 
, | breaks data router to router over the The TCP protocol 
¿| into packets. Internet according to the feassembles the 
IP protocol. packets into the 
original whole. 


UDP request/response paradigm 


Client 


TCP handshake paradigm 


Request 
Response Server 


Open connection 


J 


\ 

| 

! 
j 
! 
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file 
listenin 
to use 
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ru 


transfer protocol (TFTP), videoconferencing, online computer games, watching videos online, and 
ing to audio online may want to save processing time because for very small data, exchanges prefer 
UDP rather than TCP. Table 3.4 and Figure 3.8 highlight the differences between TCP and UDP. 


Table 3.4 Differences between transmission control protocol and user datagram protocol 


Amex 3 ae yt 
Breaks the message into smaller segments at the 
| sender's end _ : 
| Reassernbles the segments at the receiver 
1 


f Preferable when data to be exchanged is large 
| Slower as compared to UDP 
f Asks sender to resend erroneous data 


Supports error checking and error correction 
mechanisms and ensures a reliable data transfer 


Is a connection-oriented protocol 
Before data exchange, handshaking signals 


Does not break the message into smaller | 
segments y | 
No need to reassemble since the message was 
never broken 


Preferable for small data exchanges 
Faster since it provides limited services 
Does not ask sender to resend erroneous data 


Does nothing to correct errors and supports 
unreliable data transfer 


Is a connection-less protocol 
Data exchange is not preceded by any 


handshaking signals 
No acknowledgments are sent 


exchanged to establish connection 


Sends acknowledgement for data that has been 
received 


3.6.4 File Transfer Protocol 


FTP is the preferred method of exchanging files because it is faster and reliable. It is usually used to 
perform the following functions: 

* Enable users to share files, computer programs, and/or data. 

* Enhance the use of remote computers. 

* Provide authentication and security to stored files and programs. 

* Transfer data reliably and efficiently. 
Generally, users use FTP to transfer web page files from their computers to the server so that the pages 
can be available for everyone on the Internet. Using FTP, users can easily update (delete, rename, move, 
and copy) files on a server. However, it is also used to download programs and other files to the user's 
computer from other servers. The FTP program can be invoked either by typing the FTP commands on a 
simple command line interface (like the MS-DOS Prompt window) or with a commercial program that 
offers a graphical user interface (GUI). Even the Web browser can make FTP requests to download the 
selected programs. 

In FTP terminology, the following rules are followed: 


* The machine on which the file exists is called the server and the machine that requests that file is 


called the client. 
* Copying files from a client to a server is called uploading, whereas transferring files from a server 


to a client is called downloading. A 
* The term ‘get’ refers to receiving files from the server and ‘put’ refers to sending files (synonymous 


with download and upload respectively). 
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How to Use FTP 

vadays, usi the FTP is as simp! 
Kos onthe Internet Users create we 
ing FTP. 


M i 
enable thi FTP client software 18 already 
I eee ter. The software 


ies i d the 
directories in the user's computer an 
ee ter. Files can be easily trans 


present in the remote compu! 
one pane to another. 


Steps for Using FTP 


The following are the steps to be followed to use FTP: 


* Open the FTP client software installed in computer. You 
f the FTP server. Howevt 


browser by just typing the URL o 
able than dedicated FTP clients. 


* Enter the name FTP host (e.g., .microsoft.com). 4 
= u hr anonymous FTP server like Cyberduck for Mac or 


+ Enter your username and password. If it is an 


tions in Business 


lo as using Window! 
b page files on thei 


installed in the user's 
two window 


widely being used to uploag 


P is 
s Explorer. FT d transfer them to the Isp, 


r computers an 


computer. This software allow, 
anes; the one on the left display, 
pane on the right displays all files and folder, 
ferred by simply dragging and dropping from 


can also use the FTP through your web 
er, web browsers are slower and less reli. 


WinSCP for Windows, then type anonymous as username and your email_id as your password, 

Usually, all publically available files are accessed using anonymous FTP server. 

Using FTP through Command Line Instructions 
While GUl-enabled FTP clients need to be downloaded from the Internet, users can also use FTP 
through command line instructions in Windows, Mac OS X, and Linux by typing ftp ftp.microsoft.com. 
Basic FTP support is provided by all computers. 
Provide your username and password. In case of an anonymous FTP site, enter anonymous as user- 
name and email address as password. 
B FTP also allows users to delete, rename, move, and copy files on the server. 
Modes of File Transfer 
FTP can transfer files in the following three modes. 
Stream mode It is that mode in which it tran: 

i ; sfers fil i : ; " 
processing of information into different formats °S as a continuous stream with no intervention € 
Block mode In this mode i 

a , the data i 
fans ett to be transferred is 
mode nii FTP commands 
ep ioe M n this mode, FTP compresses the 
In Fi Data 
e igure ied Sid e two connections for data connection 
hange one ing comm; 
for sending or receiving don ands and the other m client 
Active and passive ee 
connection mode FT 
two mode: i " P supports Fi : 
s of connection—active and passive. b eure 3.9 Two connections in FTP 
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Inactive mode, the client initiates the connection. Once the server gets connected with the client, the 


can be exc . 2 
ive mode, the server is always waiting for any request from the client. Most FTP clients use 


aie connection mode by default. 

3.6.5 Terminal Emulation 

Terminal emulation or Telnet is a text-based protocol that uses the underlying TCP/IP technology for 
ing a remote computer's (called host) data and application programs. Users can use the Telnet 

client software to connect with the Telnet server (or the remote host) as shown in Figure 3.10. Once the 

Telnet client establishes a connection to the remote host, the client becomes a virtual terminal and can 

communicate with the remote host from his computer. 


Features 
The following are the features of Telnet. 
Bidirectional It is used to send and receive information. This means that data travels in both directions. 


Remote computer 


Local computer 


Figure 3.10 Telnet connection 


Interactive It accepts a command from the user, executes it on the remote computer, and displays the 


result on the user's screen. 
Text-oriented It is a text-based protocol that lacks usage of GUI. 
Versatile It can be used with any device that uses either the phone connection or the Internet connection. 


How to Use Telnet 
Telnet client programs are available for all major operating systems. To use these clients, go to command 


prompt by clicking Start->Run and type the following: 
telnet the.libraryat.whatis.edu 


where Telnet is the name of the protocol and the.libraryat.whatis.edu is the name of the host. You can 
also specify the IP address of the host instead of its name. The syntax of using the Telnet command is 


as follows: 
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a) Information 


optional) 


telnet host port (where port is 
Next, enter your username and password to log in to the remote hp le duisi rU - 
Once the connection is established, users can enter comman Tem 
computer. E 
Use P 
E it 
Telnet is used in the following areas: fü 
i T. 
+ ]tis used to access specific applications or pu located at a remote compute i 
3 in as users of the remote ost. 
ee iyu d on the world's most powerful computer, 7 


ations hoste! 
communicate with it over the network. 
og in to the university's computer from any terminal, 


ogues, and other information resources 


+ Even a dumb terminal can use the applic 
| the server and 


+ It enables users to contro! 
+ It enables research scholars and professors to l £ 
+ It allows users to connect them to databases, library catal 


around the world. 


ure shell (SSH) and is used by network administrators to man- 


ES Telnet has now evolved as seci 
‚age Unix and Linux computers from a remote computer. 


Shortcomings 

The drawbacks of Telnet are as follows: 
-It is a text-based computer protocol and lack: 
+ Itis insecure because it transfers all data in clear text. 
* Users cannot transfer files using Telnet. 


sa fancy screen with images, animation, and hyperlinks 


3.6.6 Hypertext Markup Language 


Hypertext markup langua; is ri i 
¡ge (HTML) is rightly said to be the 
moth i 

teer VR Anal understood by all web browsers. HTML ea iun a bes icti iir 
en ae a as tags) inserted ina file to be displayed by the web brow: er Kia 
E me etscape Navigator, Internet Explorer, and so on. In ord O se 

up these words and try to understand their individual a ee cid 

g. 
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ing: z D a hypertext (where the mouse pointer turns into a Dy i ae ee 
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arkup Markups are the buildi 
Mop building blocks of HTML. A markup is 
nn oh n to display the page. Tags are displayed within, e donee ag adn a 
: is icating i in 
peto S a means of communicating instructions for fi i el siet: 
sa = syntax like any other language. e tye xam j 
HTM 1 numerous predefined i 
acom Pape tags to describe page 
esponding closing tag (</...>). The content to be displayed ware pere s 
in between the tags. The tag 


instruct the web brow rt y . 
ser to display the content as specified by the tag. For e: e statemen 
xample, th 
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<bold> Hello, World!!! </bold> 


will be displayed as 
Hello, World!!! 

on the screen. From the example, we can observe that the tags themselves do not appear on the web 

page when you view it through a web browser. The web browser reads the tag, interprets it, and applies 

its effect while displaying the page. Some tags are also used to insert images, text, videos, tables, and 

forms in a web page. 


Uses 


The fol 


+ Itis used for designing web pages. 
. With HTML, web page designers can embed text, images, audio, video, and interactive forms in a 


lowing are the uses of HTML: 


web page. 
+ Itallows designers to embed scripts (such as JavaScript or VBScript) within a web page to design 


interactive pages. 
Although HTML is easy to learn and is improved every year, presently, 
using only HTML. 


web pages are rarely designed 


You can view the HTML code of a web page by right clicking on a web page and selecting the 
‘View Source’ option from the pop-up menu. 


3.6.7 Dynamic HTML 
Dynamic HTML (DHTML) is a combination of technologies—HTML, Java Script, and Cascading 
Style Sheets that is used to create dynamic, interactive, and animated web pages. DHTML is purposely 

s data at the client's machine without sending it to the 


used to enhance the user's experience. It processe 
server for processing. Unlike HTML, DHTML is not a language. It is just a technology that allows web 


documents to look and act like desktop applications or multimedia productions. 


Uses 
The uses of DHTML are as follows: 


+ Itenables a web designer to control the disp 
* Itallows users to create dynamic, interactive 


* It facilitates web pages to change at any tim 
* It allows users to change the looks and functionality of a web page after the pa; 


loaded. 

+ It enables users to add effects to their pages to make them more presentable and attractive. 

* Itallows users to use DHTML to embed animated text and images in their documents; for example, 
users can move a text or image from a starting point to an ending point, either by following a pre- 
determined path or one chosen by the user. a : 

* Itallows users to display information that changes dynamically and rapidly; for example, the latest 
news, stock quotes, etc. , 

* It designs a form to capture user input, verifies if all the fields have been filled, and responds to 
users. 


lay and positioning of HTML tags in a browser window. 


e, and animated web pages. 
e, without returning to the web server first. 
ge has been fully 
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3 the users. For ^ cid 
+ Excessive use of effects may frustrate 2) 
tions can confuse user navigation. , ic effects can be difficult. “mes! 
i i b pages with dynamic dle 
x Dooma ni el in some web browsers. Therefore, web pag igners must pue 
: in all leading web browsers. $ ue. HER inforn 
2 en ar A A correctly when they are viewed using different screen sizes. stand: 
Br i id complex DHTML effects and use simple routines that Th 
Therefore, web page designers prefer to avoi! Ip nn 
enhance user experience. ed 
3.6.8 Extensible Markup Language ee 
i n 
Like HTML, extensible markup language (XML) is a markup language that REN is set PM for 
encoding documents in a format that is readable by humans as well as computers. X is use to share XMI 
information in a consistent way. It has been specifically designed for web documents. Like HTML, the HTM 
basic building block of an XML document is a tag. data 
X 
Features A. 
Some of the features of XML are as follows: mèn 
* Itis a flexible markup language as it allows web page designers to create their own customized tags. Ext 
+ Itis a text-based data format. Me 


* It is easy to use and specifies a general format for describing data that enhances its usability over 
the Internet. 


* It is widely used for representing arbitrary data structures. 
* It is designed to be self-descriptive. 
* It supports the use of nested tags to represent hierarchical data. 


Table 3.5 summarizes the differences between HTML and XML. 
Table 3.5 Differences between HTML and XML 


It is designed to describe data. 
XML tags are not predefined. 


It focuses on what data is. 


| It is designed to display data. 
[HTML tags are predefined, 
—— 

| It focuses on how data looks. 

fi ou t displaying information. 


It is about carrying information. - 
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f does not need any extra piece of software to le just describes data. lt needs another piece of 
e el display data. software to display that data. 


Let us take an example to see how data is described in XML with customized tags. In the example, 
Aditya sends a message to Sarthak. 


«message? 
«to»Sarthak«/to» 


«from»Aditya«/from» 
cheading>Reunion</heading> 

Ma, «body»This Friday we have an alumni meet in our school. Let's meet there. 
</body> 

4 «/message» 
As we can see from the example, the message is self-descriptive. It has customized tags that represent 
information about sender, receiver, heading, and body message. These tags are not defined in any XML 
standard and are invented by the author of the XML document. 

at The example justifies that XML is self-describing or self-defining. Since the structure of the data 
is embedded with the data, it can be easily understood. It is, therefore, used to share information in a 


consistent way. 


r Final Note 
i XML is not a replacement for HTML; rather, it complements HTML. In web applications, XML and 
HTML are used together. While XML is used to describe data, HTML is used to format and display that 


data. 
XML provides a flexible way to create information formats. It allows structured data to be shared 


electronically through the Internet, Intranet, or Extranet. From this discussion, let us try to conclude the 


meaning of individual words in XML. 
Extensible XML is extensible since it allows designers to define their own tags. 


Markup The basic building blocks of XML are markups or tags. 

Language XML is not just a language like HTML. Rather, it is a metalanguage—a language that 
allows to create or define other languages. For example, with XML, languages such as RSS, MathML 
(a mathematical markup language), and even tools like extensible stylesheet language transformation 


(XSLT) can be created. 


3.7 HACKING AND ETHICAL HACKING 


We are all aware of the term hacking, which means finding possible entry points in a computer system or 
à computer network to break into it. Hacking is an unethical and illegal activity which refers to gaining 
unauthorized access to a computer system or its network either to harm it or to steal sensitive informa- 


tion available on the computer. 


What can be Hacked? 
Hackers can hack the following entities: 


Business 
Te) ation Technology and its Applications in 
= ore 
P j ized control over a web server. dbamperit 3 M 
. A website by taking unauthorizec ; (work system and hamper its operation, et 
+ A network by gathering information about it to harm the Ao emails or to sen d emails to othen of A 
An email account to gain unauthorized access to read a pa 
. c ; s 
ithout taking the consent of its owner. 
" Yon! to get unauthorized access to a computer system. to steal important information, Figh 
+ Hackers may perform the act of hacking just for fun, aes „to ney extortion. to and! 
cause damage to the computer system, to hamper privacy, or for mo y thes 
A iolati z hac 
Hacking leads to massive security breach, unauthorized system access, privacy violation, ham- info 
ES | pering system operation, and malicious attack on the system. ERS, Sam 
sd : P savi 
In contrast to hacking, there is another term ethical hacking, which is considered legal as long as it is they 
being done to find weaknesses in a computer or network system for testing pbe E va y int 
A computer expert who does hacking is called a hacker. Correspondingly, those who perform ethi. ase 
cal hacking are known as ethical hackers. Hackers need to have knowledge to understand how systems 
operate and how they are designed before they play with these systems. E 
À 
What is Ethical Hacking? 
Till now, you have a perception that hackers are the bad guys. They are cyber criminals who steal data, 
blackmail victims, and use someone’s confidential information for their own personal and financial gain, Dr 
However, hacking is not always wrong. In fact, ethical hacking is an important method of ensuring the 
security of a computer system and its network. Ev 
Br hackers also known as white hat hackers, use the same tools and techniques that the criminal bas 
ker x = hat hackers) use. However, the efforts of ethical hackers are aimed at strengthening, 
points ne a ec ke they hack. They use penetration testing to find vulnerable entry 
ne = cal ius Aden ruis the attackers can discover them. Besides discovering 
lina fecal ggest and implement solutions to fine-tune the system's overall infor- 
Vulnerabilities are found in poor or im r 
5 proper system confi i | 
flaws, and operational weaknesses in a process. guration, hardware ar softwar 
Of course, the ethical hackers i T x 
d work with the permission of the Bee 
fait or; ; : 
ein many cases, the organization does not even reveal to their pan bos mey are trying 0 3 
This ed ethical hackers to test the effectiveness of the measures that h: sien Pit fs matey W 
s is referred to as a double-blind environment. at have been implemented by thet ha 
Advantages of Ethical Hacking s 
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Moreover, the US state government and many big companies such as IBM have especially hired a team 

ofethical hackers to keep their systems secure. Similarly, Trustwave Holdings Inc., has an ethical hack- 
ing lab to exploit vulnerabilities that may be present in ATMs, point-of-sale devices, and surveillance 
systems. Companies and governments have been using ethical hacking for the following reasons. 

Fight against terrorism and national security breaches Many terrorist organizations use computer 
and network systems to break into various government defence systems. They collect information from 
these systems and then use this information to plan their activities. In such a critical scenario, ethical 
hackers can discover pit holes in security system and rectify them. They can also place misleading 
information for the attackers in the places which can be easily exploited by the attackers to divert them. 
Save money by preventing loss of financial data or other confidential data The governments are 
saving billions of dollars by protecting their systems from the attackers. In case of a successful attack, 
they will have to not only compensate for the loss but also build the system from scratch which will 
in turn cost a lot of money. The ethical hackers test the existing defence systems to ensure a foolproof 
system that prevents the breakdown of the existing system. 


A successful test does not mean that a network or computer system is 100% secure. But it 
definitely means that the system is robust against automated attacks and unskilled hackers. 


Drawback of Ethical Hacking 
Everything in this world has a darker side as well and ethical hacking is not an exception. Some draw- 
backs of ethical hacking are as follows: 
+ The ethical hackers must be provided complete details of the assets that should be protected and 
potential threat sources so that they can work effectively. What if the ethical hackers themselves 


misuse this information? 
+ Hiring an ethical hacker and trusting him/her may lead to a massive security breach. 
Even the most innocent ethical hacker may change his intentions on seeing the company's or its 


customers’ financial and banking details. 
The ethical hacker may place malicious code, viruses, malware, and other destructive and harmful 


software on a computer system. 


3.8 MOBILE COMPUTING 


We may not be aware of the term mobile computing as such, but the truth is that now this technology 
has become a crucial part of our lives. Mobile computing is a technology that has enabled transmission 
of data, voice, and video using computer or any other wireless device. It involves the use of mobile 
communication, mobile hardware, and mobile software. 

Mobile communication includes the infrastructure used to allow communication. Since the devices 
are wireless (with no physical links), mobile communication uses radio wave signals that are car- 
ried over the air to intended devices that are capable of receiving as well as sending similar kinds of 
Signals. 

Mobile devices use wireless network or Wi-Fi which is often referred to as a hotspot. These days, 
Wi-Fi can be found in offices, restaurants, educational institutions, public areas, and also at home. For 
wireless network, you need a wireless router connected to broadband Internet, which is often obtained 


through ISPs. 


is in Business 
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less connection, did you notice that whenever you leave the 


You must have been using wireless SU tho Internet? The range of Wi-Fi is usually 100 feet (y 


i i ts disconn 
area, your mobile device go! 
i i i rds and automatically conne; 
ea ide ai i-Fi, the mobile device remembers passwo! ch 
when EUM if you have W-Fi at home, then the moment you enter your homs 
with ae seri device, it will automatically bene Ves bueno silt ts al ui 
ile hardware includes mobile devices such as laptops, ] 
Mn andeven he smart watches. These devices are highly portable so that you can carry them with 
you and access information at any time as per your convenience. 


Mobile software is the actual program that runs on the mobile hardware. It is especially designed t 


cater to the needs of mobile applications. Some people refer to it as the no = the mobile device, 
Technically speaking, mobile software is the operating system of the mobile device. 


Advantages of Mobile Computing " 
Mobile computing is an amazing technology that allows. users to stay connected orn NE al 
times. Users have the power to tailor their mobile computing interface to suit their indivi needs. In 
addition to this, other advantages of mobile computing include: 
Location flexibility Since portability is the main advantage of mobile computing, the users of mobile 
P devices do not have to be tied or pinned to a single physical location. They can operate from anywhere, 
Saves time and increases productivity Mobile computing has helped users to save time, which way 
earlier wasted while travelling from different locations or to the office and back. Users can now access 
all their documents and files over the wireless connection and work as if they were on their own com- 
puter. This enhances their productivity as the users can employ the same time to do other useful work. 
Ease of research Research has been made easier. Earlier users were required to do a lot of field work 
to search for facts, conduct surveys and then feed the data into the system. Now researchers can collect 
and enter data from anywhere without making unnecessary trips to and from the office to the field. 
Entertainment Users can watch video and audio recordings anytime and anywhere, using mobile com- 
puting. They can see a wide variety of movies, news, sports, educational and informative material, etc, 
while travelling. They can even record audios and videos and store them for as long as they wish, 4 
Streamlining of business processes Another excellent feature of mobile computing is that it ensures 


security through authorization and authentication This feature hi i 
h n elps businesses to i 
cesses over secure links and also share information between their partners. a ERA 
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Another big challenge in mobile computing is identity verification. Users just need to provide their 
e and password, and most of the users prefer to stay signed-in on their mobile devices. Just 
imagine if their devices are stolen, then all their files and data can be viewed and misused in any way 


ine. 
M Me company would like their documents to get in the hands of hackers and other intruders, who may 
either misuse them or sell them to their competitors. So companies need to take certain precautions 
to mi imize these threats. This includes hiring qualified people, installing hardware and software to 
monitor security, educateing users on mobile computing ethics, and enforcing proper access, rights, and 


permissions. 
3.9 INTERNET OF THINGS 


Although the concept was not named until 1999, the Internet of Things has been in development for 
decades. Internet of Things (loT) means a system of interrelated computing devices, machines, objects, 
animals, or people that have unique identifiers for identification and also the ability to transfer data over 
anetwork without requiring human-to-human or human-to-computer interaction. 

If the thing, in the IoT, is a person, then he can have a heart monitor implant; if it is an animal, it can 
have a biochip transponder; if it is an automobile, it can have sensors to generate alert alarms (for exam- 
ple, when the pressure in the tyre is too low); and if it is any other natural or man-made object, then it is 
assigned an IP address and provided with the ability to transfer data over a network. 

The huge availability of address space in IPv6 has led to the development of the IoT. With more IP 
addresses available, more number of devices can be connected to exchange information with each other. 

Today, IoT is being widely used for precision agriculture, building management, healthcare, energy 
and transportation. The first internet appliance was a Coke machine at Carnegie Melon University in the 
early 1980s when the programmers succeeded in connecting the machine over the Internet to check the 
status of the machine and determine the availability of a cold drink. This check helped them to save their 
time as they did not have to go to the machine to buy Coke when it was not available in the machine. 


ES In simple terminology, loT is the concept of connecting any device over the Internet. i 
- +. = j 


Later, other devices such as cellphones, coffee makers, washing machines, headphones, lamps, wear- 
able devices, and almost anything you can think of could be connected. It is interesting to know that 
the analyst firm Gartner has said that by 2020, there will be over 26 billion connected devices. Other 
analysts have said that this number will be over 100 billion. So we can conclude that IoT is a giant net- 
work of connected "things" (including people), which will have relationships between people-people, 


People-things, and things-things. 
Examples of Applications of loT 


Whenever we read about a new technology, the first question that comes to our mind is how this tech- 
nology is going to help us? While with IoT, anything that can be connected, will be connected, but the 
Question is why should we want these devices to be connected? There are many examples to justify the 


answers to these questions. 
and your car tells you the best route to take. If there is a 


Case 1: Imagine you are going for a meeting 1 th ; 
traffic jam, then your car sends a text message to the other party notifying them that you will be late. 
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i i t to the coffee i 
Case 2: Imagine that the moment your alarm rings to wake you, à message is sen! machin 


tart brewing coffee for you. Mon 
is 3: The smart watch that your wear in office tells you when and where you Were active ang 
anne detect objects in their path. 


Case 4: You have a self-driving car with complex sensors s 
Case 5: A smart football that can track how far and fast it is 


app for future training purposes. that milk packets are over in the fridge 


i u 
Case 6: You have a smart refrigerator that can text message you j sep ie d 
and you need to buy them before you come home. Or, your fridge checking the expiry of an ice. 


cream and notifying you that you should not eat it now. I : 
Case 7: Imagine that you have an AC installed in your home that is connected ai limi d 
On a very hot day, you can instruct your AC to start and set the room temperature grees befor, 


you finally reach the house. 
In an article, Kevin Ashton (an innovator and cı 


thrown and records those statistics via a 


consumer sensor expert) wrote that if computers knew 
everything about things (using data gathered by them) without any help from us then we would be able 
to track and count everything. It would also reduce waste, loss, and cost. We would know exactly when 
things need to be replaced, repaired, or recalled, and whether they were fresh or past their best. 
In this way, IoT can help organizations to save a lot of money through improved process efficiency, 
asset utilization, and enhanced productivity. With improved tracking of objects using sensors and con- 
nectivity, companies can better analyse them and make smart decisions. For example, if you own a car 
manufacturing company, then you can know which accessories are the most popular by using sensors to 
detect which areas in the showroom are the most popular, and where customers linger the longest. You 
can even monitor the available sales data to identify which components are selling the fastest and then 
automatically align sales data with supply, so that popular items never go out of stock. 


ES The information collected by loT devices can be used to detect patterns, make recommenda | 
tions, and detect possible problems before they occur. | 
We all have heard that the Indian government is working hard to develop smart cities. Do you know that 
smart cities use IoT for efficient utilization of resources? IoT has the potential to bine entire cities 
by solving real problems faced by people every day. With proper connections and data, the IoT Ive 
traffic congestion issues and reduce noise, crime, and pollution. ne 


loT Products 


Big companies such as Honeywell, Hitachi, GE, Ci ¡crosof, 
ies oneywell, , GE, Cisco, AT&T, Apple, G i 
ae Iridium Communications, Red Hat, Zebra Technologies, id [Head ve zm laying 

in the market to realize the benefits of IoT. The following are some examples: Vx x 


Amazon Echo for Smart Home works through its voice assistant, Alexa Users can talk to Alexa an) 


give order to perform a variety of functions. F provide 
. For example, users c: i ide? 
weather report, get sports scores, order an Uber, and do much = per 


Fitbit One-Wearables tracks your steps, floors climbed, calories burned, and quality of sleep. Toe 


device wirelessly connects with comput: 
ers and smartp! i i 
Scat are S hones to transmit your fitness data in 
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mart Cities Barcelona in Spain is one of the foremost smart cities i 
Barcelo apache ies in the world. It has 
Jemented several IoT initiatives that have helped to enhance smart parking and the environment. 
AT&T-Connected Car AT&T added 1.3 million cars to its network in the second quarter of 2016. With 
this, the count of total number of connected cars rose to 9.5 million. 


[ Amazon Web Services, Microsoft Azure, IBM's Watson, Cisco loT Cloud Connect, Salesforce | 


five years. 


Challenges 
Security is the biggest issue that we often come across while talking about IoT. With billions of devices 
connected together, concerns of privacy and data sharing always haunt our minds. 

In fact, protection of sensitive data was ranked as the top concern among enterprises according to the 
2016 Vormetric Data Threat Report. Hackers try to penetrate connected cars, critical infrastructure, and 
even people’s homes. Therefore, the main focus of the companies is to ensure security of all the data 
generated by these devices. 

‘Another issue with IoT is that massive amounts of data is being generated by these devices. So 
companies need to figure out how they would store, monitor, analyse, and deduce results from this vast 
amount of data that is continuously being generated. 

However despite all odds, IoT is being used by several industries including manufacturing, defence, 
transportation, banks, retail, oil & gas mining, and healthcare, to name a few. 


3.10 ETHICAL ISSUES IN SOCIAL NETWORKING 


We are all aware of social networking sites which allow users to make their profile, find people with 
common interests, share information (pictures, audio, video, messages, stories, links, etc.) with friends, 
le and lots more. The fast emergence and vast acceptance of social networking sites 
ocation has changed our lives completely. 

and Twitter have enhanced communication capabilities 


by allowing users to interact with their families and friends, build business appearances or meet with other 
internet users. Users use these sites to share news, interest, opinions, insights, and experiences within 
their groups of communities. According to latest statistics released by International Telecommunication 


Union (ITU), almost 40% of the world’s population is online and billions of Internet users use SNS. 
However, due to lack of awareness regarding the danger of social networking, active users are more 
Prone to be publically targeted since they are available and searchable through their profile pages, which 
contain personal information such as location and phone number. 
Privacy SNS has lots of data about its users. Therefore, privacy of data is a serious concern. Privacy 
can be violated through intrusion (attacking the network or the computer), misuse of information, and 
interception of information. ; ; y 
Wit, de wa of Global Positioning Systems (GPS) or location-based social networking appli- 
Cations, users are subject to accept a data policy that might covertly take advantage of their privacy to 
legitimately and specifically target them with advertising ads. SNS like Facebook knows a lot of details 
about its users such as where they live, where they work, etc. 
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difficult task. Although market; 
ta leakage is still a py 


Users use Linkedin to build social relations organized around professional lives, Twitter is | 
useful for creating lines of communication between ordinary individuals and figures of public | 
interest, MySpace was used by musicians to promote themselves and communicate with their | 
fans. Facebook is used to connect with family, friends, and business customers. | 
Identity theft Identity theft is another ethical issue in SNS. In this technique, criminals impersonat] 
vende : mend ese ped E dy ^" other person is held responsible for the conse 
d e done em. On SNS, identity thefts are being done either by creating a fak 
pec or ipea and hacking the password of another SNS user. E : 
ough SNS is tirelessly working to secure and protect i i 
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„lating copyrights may result in overwhelming court cases. S i 
lens cir information when posting on SNS, á ee ee errr ay 


some More Business Ethics 


" nreported —— Giving any form of compensation to a blogger or tweeter, is considered a 
ated endorsement and must be avoided. The compensation may include free product or cash. 
This applies to the entire social media and not just bloggers. 


Compromising consumer privacy The data collected from customers is a valuable resource that compa- 
nies analyse to make better decisions. But selling that data to someone else or using it for any purpose other 


than analysing or providing better service to the customers is unethical and an act of violating consumer's 
privacy. Even when these breaches are unintentional and non-malicious, they scare consumers away. 


Affecting company's brand value Today, individuals are on SNS even before they join any company. 
Prior to joining the company, they may have had their own opinions but once they join an organization, 
they must remember two things. First, if they are promoting products of their company, they should also 
specify their connection to the company as otherwise they would be violating consumer's trust. Second, 
they should never criticize their company and never disclose their company's policies on SNS. 

Using the online community to get free work These days, while companies use the term UGC (user 
generated content), but in creative circles it is being known as WFF (working for free). Basically, more 
and more companies are holding online contests allowing its customers to submit designs or even pro- 
duced commercials. They then pick a winner, giving him/her prizes and using his/her creative work in 
traditional media. However, the truth is that they are using the skills of freelancers or even unemployed 
professionals who should be paid for their work. 

Another trend is that companies request for proposals for a social media campaign, gather the most 
creative ideas that come out of the process and use them without hiring the particular agencies who 
created them. E 
Giving false information For social media marketing, it is the ethical responsibility of the company to 
be honest and truthful regarding posting product information and pricing. 

Never disclose consumer's information It is unethical to reveal any information about consumers on 
SNS. A company should be considerate of its clients’ privacy issues and any kind of personal informa- 


tion and purchasing details must never be revealed in public. 


Cybercrime on SNS Many types of cybercrimes such as cyberbullying/cyber harassment, cyber stalk- 
egal surveillance, cyber espionage, cyber sabo- 


ing, child exploitation, cyber extortion, cyber fraud, ill er sab 
tage, and cyber terrorism are reported on SNS. Such activities are not just unethical but also anti-social. 

SNS is caught between the public interest in crime prevention and their need to preserve the trust 
and loyalty of their users as users feel that government is violating their privacy and keeping a check on 
their online activity. 

Many companies prefer user security 
on SNS to prevent government agencies 
national security. 

Overwhelming promotional message: 
tisements) is also an unethical act as it annoys the users. 


by employing end-to-end encryption of messages exchanged 
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professional life. 


* The Internet is a global network that connects bil- 
lions of computers all over of the world. 
* Electronic mail (email) means the transmission of 
messages over communication networks. 
* Internet chat allows two or more online users to 
come together to talk using an instant messenger. 
* With online newspaper, users can read the full 
coverage of breaking news in a timely manner. 
* Online shopping means buying goods and/or ser- 
vices from merchants who sell on the Internet. 

* The contents hosted on the Intranet can be 
accessed only by members within the organization 
who have appropriate access control rights. 

* Internet protocol address is a unique address 
allotted to computing devices such as computers, 
routers, printers, scanners, modems, smartphones, 
tablets, and so on that are connected to the Internet, 
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+ Domain name system (DNS) is a service that 
automatically converts domain names into IP 


addresses. 

* Transmission control protocol (TCP) is a protocol | 
that works at the transport layer and is used with | 
the IP protocol which is used to send data packets 
between sender and receiver devices. 

* While an absolute uniform resource locator | 
(URL) specifies the complete URL containing all 
three fields—protocol, domain, and path, relative 


URLs, on the other hand, contain only one field— 
the domain name. 


. Dynamic HTML is a combination of technolo- 
Bies—HTML, Java Script, and Cascading Style 
Sheets and is used to create dynamic. 
and animated web pages. f 


* Extensible markup language (XML) is a markup 
language that defines a set of rules for encoding 


interactive, 


documents in a format that is readable by humans 
as well as computers. It is used to share informa- 
tion in a consistent way. 


© using the keyboard. The mes 
ars on the screen of the other person. 
message typed by the other person 


Screen 
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A program that requests information from 
computer on the network. The client program 
oth and displays the retrieved information to the 
e For example, the web browser is a plient program 
dat accesses and displays web pages 
oad Making a copy of a file from another 
to your computer. For example, users may 
a song from another computer on the Internet 
to his computer 
nic mail An email system designed to ena- 
ble the users to send and receive messages across a 
network 
FTP Short form of file transfer protocol, it is basi- 
cally a program that enables users to transfer files 
from one computer to another 


Gopher A program that organizes information on 
the Internet using a system of menus. Items in the 
menus can be links to other documents or to other 
information services. 


Host Any computer on a network 


HTML HTML stands for hypertext markup lan- 
guage and is used to create hypertext documents for 
use on the World Wide Web 


HTTP Hypertext transfer protocol (HTTP) is a pro- 
tocol that defines a set of rules to exchange docu- 
ments on the World Wide Web 


Hypertext A hypertext document is one that includes 
links to other documents on the World Wide Web 


Internet A network of networks. It connects sev- 
eral networks all around the world to enable them to 
exchange information with each other. For this pur- 
pose, all the computers on the Internet use a com- 
mon set of rules (protocols) for communication. 
Therefore, the Internet uses a set of protocols called 
transmission control protocol/Internet protocol 


Internet service provider A commercial service 
that sells access to the Internet to individuals. Users 
connect to the ISP through a modem. While some 
ISPs only offer a basic connection to the Internet, 
Others, on the other hand, sell a variety of val- 
us-added services such as discussion forums, tech 


support, software libraries, news, weather reports, 
Stock prices, plane reservations, and even electronic 
shopping malls 

Link A word, picture, or other area of a web page 
that users can click on to move to another spot in 
the same document or to another document. Links 
(words) may be underlined and usually appear in a 
contrasting coloured text. When the user clicks on 
the link, the colour of the text changes 


Network A group of computers connected to each 
other to exchange information and/or resources 


Newsgroup An Internet service in which read- 
ers can post messages OT articles for other peo- 
ple to read. Other people can also reply to articles 
that they read on a newsgroup. It enables people 
with similar interests to communicate with each 
other 


Node Computer connected to a network 


Protocol A set of standardized rules that should be 
followed to exchange information among computers. 
There are different protocols for different kinds of 
communication. For example, HTTP specifies the 
rules for exchanging information on the World Wide 
Web. FTP defines the rules to copy files from one 
computer to another across a network 


Server A program that provides information or 
services to other programs. For example, the web 
browser is a client that uses services like email from 
the server 


Upload The opposite of download that means 
transferring a file, picture, document, or an 
audio/video clip from your computer to another 
computer 


URL A uniform resource locator specifies the 
addresses for World Wide Web pages. A URL 
uniquely identifies a Web page. URLs have three 
parts—protocol name, server name, and a direc- 
tory path. For example, consider the URL http:// 
wings.avkids.com/SPIT/index.html. Here, http:// 
is the name of the protocol, wings.avkids.com is 
the server’s name, and /SPIT/index.html is the 
location of the file on the server 


.__— 5a global network that connects 
billions of computers all over the world. 
(a) LAN (c) WAN 
(b) MAN (d) Internet 

2 LLL is a network of networks. 

(a) Internet (c) Extranet 
(b) Intranet (d) All of these 

3. Each computer on the Internet is called a 
(a) server (c) device 
(b) web page (d) host 

4. provides internet service. 
(a) ASP (c) JSP 
(b) ISP (d) IPS 

5. ISP stands for 


(a) internet service provider 
(b) internet service program 
(c) intranet service provider 
(d) intranet service program 
6. You can share 
Internet. 
(a) voice messages 
(b) text messages 
(c) video messages 
(d) multimedia messages 


7. Mozilla Firefox and Opera are examples of 


using the 


(a) ISPs 

(b) web browsers 

(c) email applications 

(4) social networking sites 


8. 
emen allow users to browse the 
(a) ISPs 
(b) Web browsers 


(c) Email applications 
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Website A collection of web pages on the Worlg 46- 

Wide Web having to do with a particular topic op 

organization 

World Wide Web An interconnected set of hypertext 

documents located throughout the Internet z 
1 


9. 


10. 


11. 


12. 


13. 


14. 


15. 


(d) Social networking sites 


The first ever network of computers was 


created for... — — 
(a) military purposes 

(b) business purposes 

(c) research organizations 
(d) all of these 

The first network of computers was known as 


and universities 


(a) ARPANET (c) PICONET 

(b) APARNET (d) Internet 
means transmission of messages 
electronically over communication networks. 


(a) Courier services (c) Email 
(b) RTGS (d) SMS 
The address of the email recipient is written in 
the field. 
(a) From (c) Subject 
(b) To (d) Body 
Content of the message is written in the 
field of email. 
(a) From (c) Subject 
(b) To (d) Body 


The two optional fields of a Message are 


(a) To and From 

(b) CC and BCC 

(c) Subject and Body 

(d) None of these 

When you have to send the same message to 
multiple recipients, then you should ideally 
mention all the email addresses (except one) in 


the field. 
(a) To (©) BCC 
Oe (d) From 


jé The ——— Ption allows users to make a 
of a message received from a person and 
then email it to someone else. 
(c) Forward 
(d) Post 
application allows users to 


(c) UDP 
(d) IP 
T ===> is the application using which two 
users can talk instantly. 
(a) Email (c) Browsing 
(b) Chatting (d) Transferring 
19. Which of the following is not a reason for 
“businesses to use instant chatting? 
(a) Answer user queries 
(b) Provide online support 
(c) Conduct business meetings 
(d) None of these 
20. During Internet conferencing users cannot 
share ____—- 


(a) information (c) video 

(b) files (d) none of these 
21. is not required for Internet 

conferencing. 

(a) Webcam 

(b) Microphone 


(c) Chatting software 
(d) None of these 
22. Newspaper on the Internet is also known as 


(a) online newspaper 
(b) electronic newspaper 
(c) web newspaper 

(d) all of these 


23. HTML isa A 
(a) language (c) application 
(b) protocol (d) website 

M. allows users to add links to other 
documents, graphics, audio, and/or video files. 
(a) FTP (c) HTML 
(b) Telnet (d) HTTP 


25. The text on which the mouse pointer changes 
to hand-shaped is known as __—- 
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(a) high text (c) link text 

(b) hypertext (d) anchor text 
26. WWW was created by 

(a) Larry Page 

(b) Bill Gates 


(c) Tim Berners-Lee 
(d) Steve Jobs 
27. Which of the following is not correct about 
online shopping? 
(a) You can make the payment through debit/ 
credit card. 
(b) It can be done 24x7. 
(c) You can touch and feel the products sold 
online. 
(d) There is always a chance of your confiden- 
tial information being compromised. 
28. IP address is allotted to . 
(a) computers (c) printers 
(b) smartphones (d) all of these 
29. facilitates unique identification of 
devices for communication over the Internet. 
(a) IP address (c) MAC address 
(b) Sequence number (d) Port number 


30. The IP address has parts. 
(a) 1 (c) 3 
(b) 2 (d) 4 
31. Each part of the IP address has a number 
ranging from s 
(a) 0-999 (c) 0-255 
(b) 0-128 (d) 0-256 
32. address is issued using a leasing 
system. 
(a) Static IP (c) Fixed IP 
(b) Dynamic IP (d) Permanent IP 
33. address reveals technical information 


about the continent, country, and city in which 
the computer is located. 


(a) Static IP (c) Temporary IP 

(b) Dynamic IP (d) Momentary IP 
34. There are limited — — — IP addresses. 

(a) static (c) temporary 

(b) dynamic (d) momentary 
35. Web servers are allotted — IP 

address. 


er 


i (c) temporary 
> adi (d) momentary 
36. service translates domain names 
==——> 
into IP addresses. 
a) TCP (c) DNS 
(b) IP (d) UDP 


37. DNS stands for 
(a) domain name system 
(b) data name server 
(c) data number system 
(d) domain number system 
38. TCP stands for 
(a) transmission carrier protoco 
(b) transmission control protocol 
(c) transmission control program 
(d) transmission carrier program 
39. Which of the following statements is not true 
about DNS? 
(a) IP addresses should be assigned statically. 
(b) Name and address pair can be cached. 
(c) ISPs have their own DNS server. 
(d) None of these 


40. The domain .in belongs to which country? 


(a) Indonesia (c) Iceland 
(b) India (d) Iran 
41. Which of the following is true about domain 
names? 


(a) org is used for non-profit organizations. 

(b) Domain names are also organized from 
right to left. 

(c) mobl is a valid domain name for mobile. 
communication network 

(d) All of these 

specifies the unique address 
a file that is accessible on the ae y 
(a) URL (c) UDP/IP 
(b) TCPAP (d) DNS 

43. The syntax for specifying a URL is 


42. 


(a) Protocol://domain-name/path 
(b) Path://domain-name/protocol 
(c) domain-name://protocol/path 
(d) protocol/domain-name/path 
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pa) nee 


ntains only the 


ive URL coi 
44, Relative Seid. 


(c) domain name 
(d) none of these 
owing the question mark (?) in y 


(a) protocol 
(b) path 

45. Anything foll 
URL is a  ——— — — 
(a) domain-name 
(b) protocol F 
(c) variable-value pair 
(d) path 

46. In a URL, two variable- 
separated with a/an — 


value pairs are 
symbol. 


(a) ! ©) @ 
(b) & (d) + 
47. The current version ofIPis__. 
(a) 4 (c) 6 
(b) 5 (d) 7 
48. IPv6 has a bit address. 
(a) 32 (c) 128 
(b) 64 (d) 256 
49. protocol establishes a connection 


between the sender and the receiver so that 
reliable and error-free data transmission can 


take place. 
(a) TCP (c) UDP 
(b) IP (d) SMTP 


50. Segmentation and reassembly is done by 
which protocol? 


(a) TCP (c) UDP 
(b) IP (d) SMTP 
51 is an alternative protocol to TCP. 
(a) FTP (c) UDP 
(b) IP (d) SMTP 


52. Which transmission protocol is best-suited 
for online Computer games, watching videos 
online, and listening to audio online? 

(a) FTP (c) UDP 
(b) Tp (d) SMTP 

53. Identify the incorrect statement about UDP. 
(a) It is preferable for small data exchanges. 
(b) It does nothing to correct errors and sup 
" PS unreliable data transfer. 

€) It is a connection-ori protocol. 
(d) It does not break Se — 
segments. 


55. 


56. 


sack 3 
pires (c) efficient 
® reliable (d) connection-less 
55. FTP allows users to files. 
(a) rename (c) delete 
(b) copy (d) all of these 


which mode does the client initiate the 
connection? 
(a) Active connection mode 
) Passive connection mode 
(c) Block mode 
(d) Stream mode 
57. In which mode is the server always waiting for 
any request from the client? 
(a) Active connection mode 
(b) Passive connection mode 
(c) Block mode 
(d) Stream mode 
58, In which mode are files transferred as a 
continuous stream with no intervention? 
(a) Active connection mode 
(b) Passive connection mode 
(c) Block mode 
(d) Stream mode 
59. is a text-based protocol that is 
used for accessing a remote computer’s (called 
host) data and application programs. 
(a) FTP (c) UDP 
(b) Telnet (d) SMTP 
60, _ enables research scholars and 
professors to log in to the university's 


computer from any terminal. 
(a) FTP (c) UDP 
(b) Telnet (d) SMTP 


61. Which of the following is incorrect about 
Telnet? 
(a) Itis a text-based computer protocol. 
(b) It is insecure because it transfers all data 

in clear text. 

(c) Users cannot transfer files using Telnet, 
(d) None of these 

62, is a code embedded in a file that 
instructs the web browser how to display the 
Page. 
(a) Hyperlink 


(c) Markup 


Internet and its Applications 


(b) Hypertext (d) Image 

63. |^  interprets the meaning of 
markups. 
(a) HTML (c) Web server 
(b) Web browser (d) Web client 

64. Which of the following cannot be embedded 
inan HTML page? 
(a) JavaScript (c) Visual Basic 
(b) VBScript (d) Form 


65. Which of the following is best-suited for 
creating an interactive game? 


(a) HTML (c) CSS 
(b) JavaScript (d) DHTML 
66. Using which language can you create your 
own tags? 
(a) HTML (c) XML 
(b) DHTM (d) All of these 


67. Using which language can arbitrary data 
structures be easily represented? 


(a) HTML (c) XML 

(b) DHTM (d) All of these 
68. Nested tags are used in which language to 

represent hierarchical data? 

(a) HTML (c) XML 

(b) DHTM (d) All of these 
69. In which language are tags not pre-defined? 

(a) HTML (c) XML 

(b) DHTM (d) All of these 
70. means finding possible entry 


points in a computer system or a computer 

network to break into it. 

(a) Hacking (c) Cracking 

(b) Ethical hacking (d) Ethical cracking 
71. is done to steal sensitive 

information available on the computer. 

(a) Hacking (c) Cracking 

(b) Ethical hacking (d) Ethical Cracking 
72. Hacking does not involve 

(a) breaking passwords 

(b) recovering passwords 

(c) illegal use of someone else's email 

account 
(d) harming a computer system 


Tech 
96 Information | 
means findi esses In 
sis or network system for testing 
a computer 
i 
Eth sa " " Cracking 
(a) Hacking. Eni 
bun ae black hat hackers: 
kers 
74 - "x " 
(a) Ethical hackers S coal E 
ers 
7% Sn ee 
i (c) black hat 
o a iius 5 ter due 
76. ee are present in a compul 
o improper system configuration 


ization does not even reveal to 
15 T ua en team that they have 
hired ethical hackers to test the effectiveness 
of the measures taken by them, then this is 
environment. 
er (c) double blind 
(b) single blind (d) All of these 
78. Which of the following statements is true 
about ethical hackers? 
(a) Ethical hackers must be provided com- 
plete details of the assets. 
(b) Hiring an ethical hacker and trusting him 
may lead to a massive security breach. 
(c) The ethical hacker may place malicious 
code, viruses, malware, and other destruc- 
tive and harmful software on a computer 


system. 
(d) All of these 
79. Mobile communication uses 

signals that are carried over 
devices, 

(a) ultraviolet wave 

(b) infrared wave 

(c) radio wave 

(d) microwave 


the air to intended 


(c) Location flexibility 
(d) Entertainment 


(c) animals 
bjects 
> machines (d) all of these 
83. is the concept of connecting any 


device over the Internet. 

(a) Mobile computing 

(b) IoT 

(c) Internet 1 | 

(d) Social networking sites 

84. The technology used in self-driving car, 
watch, smart football, and smart refrigerator 


(a) mobile computing (c) Internet 
(b) IoT (d) Android 
85. Google+, Foursquare, Pinterset, and Twitter 
are all examples of 
(a) search engines 
(b) social networking sites 
(c) video conferencing sites 
(d) instant messaging sites 
sites are used to share news, 
interest, opinions, insights, and experiences: 
(a) Search engines 
(b) Social networking sites 
(c) Video conferencing sites 
(d) Instant messaging sites 
87. Challenge(s) in SNS include 
(a) free speech (c) code of oo 
x (b) data leakage (d) all of thes? 
i Which SNS is used to build social rel 
Organized around professional lives? 
(8) LinkedIn (c) Facebook 


86. 


(d) Twitter 
is used for creating lines of 
89. Communication between ordinary individuals 


(p) MySpace 


figures of public interest. 
A LinkedIn (c) Facebook 
(b) MySpace (d) Twitter 


90. If anyone misbehaves on SNS, then it means 


(9) misuse of free speech 
(b) data leakage 
(c) violation of code of conduct 
(d) fighting on the Internet 
91. Not providing the sources of their information 
when posting on SNS results in 
(a) misuse of free speech 
(b) data leakage 
(c) violation of copyrights 
(d) violating code of conduct 
92. Giving any form of compensation to a blogger 
or tweeter is considered as 


1. (d 2. (a) 3. (d 4 (b 5 (a) 
np (c) 12. (b) 13. (d) 14. (b 15. (c) 
21. (d) 22. (d) 23. (a) 24. (c) 25. (b 
P (c) 32. (b) 33. (a) 34. (a) 35. (8) 
|41. (@) 42. (a) 43. (a) 44. (c) 45 (c) 
| 51. (c) 52. (c) 53. (c) 54. (d) 55. (d) 
| 61. (d) 62. (c) 63. (b) 64. (c) 65. (d) 
be (a) 72. (b) 73. (b) 74. (b) 75. (8) 
81. (a) 82. (d) 83. (b) 84. (b) 85. (b) 
| 9. (d) 92. 93. (d) 94. (b) 


Answers to Multiple-choice Questions 


6. 
16. 
26. 
36. 
46. 
56. 
66. 
T6. 


86. 


93. 


94. 
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(a) unreported endorsements 

(b) compromising privacy 

(c) effecting company’s brand value 

(d) violating code of conduct 

The term UGC refers to 

(a) user generated content 

(b) getting creative ideas 

(c) holding online contests allowing its cus- 
tomers to submit designs 

(d) all ofthese 

Giving anonymous and fake feedback just to 

cause damage to a company’s reputation is 

known as__ 1 —- 

(a) improper anonymity 

(b) distorted endorsements 

(c) cybercrime 

(d) identity theft 


(d 7. (b) 8. 
(c) 17. (b) 
(c) 27. (c) 
(c) 37. (a) 
(b) 47. (c) 
(a) 57. (b) 
(c) 67. (c) 
(d) 77. (c) 
(b) 87. (d) 


(b) 9. (c) 


(d) 
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ge spamming, denial of service (DoS) attacks, a na 
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ncepts, dimension, 


4.| NEED AND CONCEPTS 


a broad issue that encompasses security for a 
ecurity of all the transac! 
erm ‘data security’ is gaining l 
k of security is a serious threat to the integrity and privacy 


11 the data and information that an organ- 
tions that are made using the Internet. It 


Data security is 
topmost priority, especially in | 


ization stores on the computer and s 
ensures authenticated access of data. The t. 
financial and government institutions as lac! 


of any organization. x F 
Since the Internet is an insecure channel for exchanging private data or messages and intrusion or 
frauds like phishing (discussed later) are very common, some methods must be implemented to protect 


data. In this chapter, we will read about the threats to security and learn about the protective measures 
that can help the users protect their data from unwanted access. Before delving into these issues, let us 


try to find answers to some important questions. 


How can Security of Data be Compromised? 
Security of data may be compromised in the following ways: 


. Unauthorized users from within or from outside the organization may access the data. 
* Authorized or unauthorized users may modify the existing data, add wrong data or delete some 


important data. 


Figure 4.1 reveals the sources that can cause (Security threats.) 
threat to security of data. While we cannot ERES 
control damage to data because of natural (C Natural disasters ) 
disasters, damage due to humans can always Floods. fires; arid ee? 
be controlled by implementing sound secu- (Ue br mena Ce LGB = 
ři É ^ Hackers and i 
pe er A hacker is someone who faite Of ola e potaje le 

= s into the system for which he has °"9anization = 
no authorization is limi i 

or goes beyond his limits of Figure 4.1 Types of security threats 


po 

= wm * 
Syllabus Map Modulet || H 
of e-security, security threats — Unit 4 | c 
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f . A hacker can be a cracker; a i 
imate s N ; a cracker means a person who breaks into the system by 
poem cracking or by cracking the security measures implemented to protect the data. Š 
However, a big bape z N can be employees within the organization who do not have any 
malicious intention, x u d either unknowingly alter data themselves or leave the data vulnerable to 
de accessed by attackers. For example, a programmer can write a code that can result in system crash. 
example is a clerk who saves an important file on the desktop. This file can then be accessed by 
oy other user with malicious intentions. 
How is Confidential Data Tampered? 
C fidential data may be tampered in the following ways: 


+ Delete vital information from the database—for example, if someone deletes the records of your 
customers, there is no means to contact them. 

« Steal information—for example, if your competitor steals information about your customers and 
offer them goods and services at a heavy discount, then you will have to bear a great loss. 

+ Modify data—for example, if a student gets access to the master computer of your school and 
modifies his marks, then the whole concept of taking exams and evaluating students will become 
a wasteful exercise. Another example could be that an employee can gain access to the attendance 
records and mark himself present on days when he had not gone to office. 


d How can we Protect Confidential Data? 
t i 
The following are the ways to protect confidential data: 
+ Prevent the data from being altered or accessed by people with malicious intentions by implement- 


ing sound security policies. 
« Detect any attempt to damage, modify, or steal data. Various tools are available in the market that 


detect and reveal any attempt made to breach data security. 
+ Recover lost or damaged data if someone has already tampered with it. 


4.1.1 Dimension 
We all agree to the point that the number of Internet users in India is constantly increasing. Computers, 
smartphones, and the Internet are now becoming widespread even in rural India. As a result, cyber- 
crimes are also on a constant rise because the criminal no longer needs to be physically present when 
committing a crime. Criminals take full advantage of the Internet's speed, convenience, anonymity, and 
lack of borders either to carry out financial crimes such as theft, money laundering, and fraud or hate 
crimes, such as stalking and bullying. 
By the term cybercrime, we mean any crime or illegal activity that involves a computer and a network. 
Cybercrimes are usually divided into the following three categories: 
l. Crimes in which a computer is the target. For example, to gain network access. 
Crimes in which the computer is used as a weapon. For example, to launch another attack. 
Crimes in which the computer is used as an accessory to a crime. For example, using a computer to 
Store illegally-obtained data. 
Üybercrime may be carried out by individuals or by a group of people who usually target people in 
Countries with weak or non-existent cybercrime laws. 
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4.2 DEFINITION AND SCOPE OF E-SECUR' ge 
í pra : 

-security includes a set of technologies, processes, an : 
| TnT Tie ee and data from any kind of cyber-attack, damage, or ee oc 
gests gli ; become even more difficult because cyber criminals have learne launch 
Is of security, let us first try 


-security has a f 
These days, e-security ks at lower costs. Before moving into detail 


automated and sophisticated attacl 
to understand some important terms. 


Attack or security breach An attempt to gain un 
resource. 
e to which data and other resources are accessible for use when required. 


Availability The degre 
Compromise An unauthorized access to steal, modify, or destroy confidential data. 


Confidentiality The degree to which confidential data is protected from unauthorized access. 
Integrity The degree to which the accuracy and completeness of information and computer software are 


authorized access or deny authorized access to a 


protected against unauthorized access. 
Authentication Confirming the identity of the person requesting to gain access to a resource. This can 


be done by validating username and password. 
Authorization Determining the set of actions that an authenticated person can perform on a resource, 


For example, an employee working in the A i i 
es fe ccounts department is not authorized to access the files of 
Accountability The activities of the authorized 


doing. 
Vulnerability as: i i 
ility assessment An audit or a check that is performed to identify potential vulnerabilities ina 


a. system or network. 
rism Di i i 
berterroi Isruptive use of IT by terrorists to attack on networks, computer syst d tele- | 
5 ystems, and tele- 


communication infrastructures. 


persons are documented to deter employees from wrong 
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ù — ,3 THREATS TO DATA SECURITY 

the most common threats to data security come either from f i i 

N Dee "mon threats to security can be classified as ae 9 malwares or through fraud like phish- 
y. 43.1 Malware 

à or malicious software (meaning software designed with wrong intentions) is software specif- 


Malware * i 
ically designed to en. to a computer either to disrupt its operation or gather sensitive data from 
tis a big threat ternet security and includes computer virus, spyware, worms, Trojan horse, etc. 


N 
itl ARESA 
Malwares are usually embedded within legitimate software that is either useful or attractive. 


Virus 
| A computer vi 
and replicates itself repeatedly. Such a piece of code is dangerous because it will quickly 
able memory and finally halt the system. An even more dangerous type of virus may corrupt or delete 
files from the computer and may spread itself to other computers by using the user’s email program. 


Sources of computer virus include the following: 


+ Attachments in email messages or instant messaging messages 
+ Attachments of funny images, greeting cards, or audio and video files 


+ Downloads from the Internet 
Computer viruses are thus always undesirable as they slow down the computer’s performance, cause 


erratic behaviour, loss of data, and frequent crashes. 
Features The features of virus are as follows: 


uter virus is a small program that gets loaded in the computer without the user’s knowledge 
use all avail- 


* It replicates itself. 
+ Itrequires a host file to spread. 
+ Itis activated by an external action. 


Types of virus Viruses are of the following types. 
Boot viruses These viruses were used to infect floppy disks. However, as floppy disks are no longer 
used, the boot virus infects only the master boot records of the hard disk. The boot record is a program 
that loads the operating system in the memory when the computer is turned on. 
Boot record viruses either overwrite or replace the boot record and move it to a different location in 
the virus also gets loaded along with the 


the hard disk. When the operating system is loaded in memory, 
operating system. 


Once the virus gets loaded in the memory, r 
computer in case of boot virus is to boot the operating system from à 
or DVD. Examples of boot viruses include Polyboot.B, AntiEXE, Di 


it performs its intended task. The only way to protect the 
another hard drive or a bootable CD 


sk Killer, and Stoned. 


The master boot record is the first sector on a partitioned storage device. MOE 
ct only executable files with extensions such 


Program vi infector viruses These viruses infe 

as BIN, COM, = en and .SYS. When an infected file is executed, the file along with 

the virus xaded in ı i ; The virus is then free to perform its intended task. The virus may 
gets loaded in the memory. file in such a way that every time the program 


overwrite the infected file or replace some parts of the 


pr 
P 
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ted. Most of the viruses belong to this category | 


pe , the virus gets execu 
or file is —€— knee better than boot viruses as t 
However, 


Snow.A, Jerusalem, and Cascade. EN M 


ost as it sticks to a fle. — 7 


Ed (The program or file virus uses a file as its h 
— Xa Er . 

= of viruses—boot viruses and pro. 
when the infected file is 


ample, Emperor, Anthrax, | 


se viruses are a combination of two Via 
s, they infect an executable file an 
s records (as the boot virus). For exi 


Multipartite viruses The: i 
viruses. Like program viruse: 
the multipartite virus infects the master boot 
Tequilla, and One, Half. z ; icis | 
eq viruses These viruses use several techniques to avoid their gepi Ho e Ban io 
will remove the virus code from an infected file when antivirus software iS 


is not detected as infected. BA, = 
gros viruses redirect the hard disk head so that the next read jeu erp m another 
memory sector instead of the correct one. Some may alter the attributes of the n S 
Polymorphic viruses These viruses create copies during replication. These replicated copies are func- 
The difference in codes is intentionally induced by ran- 


tionally equivalent but have different codes. € s c b 
pce superfluous instructions, changing the order of instructions, or by choosing a different 


i i i irus i d. 
encryption algorithm each time a copy of the virus is created. | en " 
The real power of this virus lies in the fact that since each infection is different from the other, it is 


very difficult for an antivirus software to identify, locate, and remove them. Examples include Elkern, | 
Marburg, Satan Bug, and Tuareg. | 
Macro viruses A macro virus infects documents that contain macros (a special type of program that 
performs a series of operations with a single action). A wide variety of programs, including Microsoft 
Word and Excel, support macros, and are thus, vulnerable to macro viruses. 


For example, many a time, when working with Microsoft Word, you must have encountered a message 
as ‘Problem in Normal.dot'. Macro virus infects normal.dot which is a file used by all the documents. 
Whenever users open any document (by indirectly using Normal.dot), the uninfected document also 

gets infected. When a macro virus-infected file is opened on another computer, the virus spreads on that 
computer too. Examples of macro viruses are Relax, Melissa.A, Bablas, O97M/Y2K, and WM.NiceDay. 


ActiveX viruses Most Internet users do not know how to configure ActiveX and Java controls and thus 
leave a security hole in their computer. Many times, while surfing the Internet, we get a pop-up message 
saying ‘Applets are not able to run”, and asking ‘allow or disallow?’ Sometimes cain weh ask 
users to download certain ActiveX or Java controls and we quickly download them. i 

By allowing these applications to run freely on our machines, we permit them to deliver all ActiveX 


viruses. Therefore, by simply turning off some ActiveX and J; 
5 ava contr 
be protected from such macro viruses. dE 


Resident viruses A resident virus inserts itself in the 
itself, it performs all its intended tasks such as inte 
files and programs that are op 
infected. Examples include 

Direct acti : F ; 
elaine esed This bes of virus replicates itself and performs its intended action only when the 
men ke . When the file isnot being executed, the virus becomes dormant. Direct action 
on when a specific condition is met. When the virus becomes active, it infects all the files 


s in the browser, computers can 


tie rd memory (RAM). From the memory 

rrupting the system’s operations and corrupting 

ened. A resident virus runs independently of th iginally 
fi 

Randex, CMJ, Meve, and Mr Klunky. à re 


À . ¡o! 
hey can be removed easily, Toners | vi 


6 
y 
f 
J 


sce nennen 


y : as well as in the directori ified i 
x pis directory es specified in the AUTOEXEC.BAT file PATH. An example is the 
vienna VI 
LT VCH ET RE CRUS 
1 f AUTOEXEC.BAT Is a batch file stored in the root directo h | ed & 
| perform some e vital operations when the computer is Br the hard disk. It is used to 


) 


A P on E Pg Ar the data stored in the infected files leaving them partially or totally 
d yseless. To © ing all i overwrite virus, users have no option but to delete the file com- 
à pletely thereby losing all its contents. Examples are Way, Trj.Reboot, and Trivial.88.D. 


irectory virus A bi lo changes the paths that indicate the location of a file. When the user 
: executes a directory virus” fected file (having extension as .EXE or .COM), he unknowingly runs the 
vinis since the original file has been moved to another location by the virus ; 
Network virus These viruses rapidly spread through a LAN or through the Internet. Network viruses 
multiply rue an resources such as shared drives and files. When a computer gets infected, it 
searches through the network to attack another computer. When the other computer gets infected, it 
moves on to the next, and so on. Examples are Nimda and SQL Slammer. 
Space filler (Cavity) viruses We have seen in Chapter 4 that many a time, some parts of a file are empty. 
The space filler virus use this empty space to house (or install) its code. It does not affect or damage the 
contents of the actual program itself. An example is the Lehigh virus. 
FAT virus File allocation table (FAT) is a table maintained by the operating system to store information 
about location, size, and other details of files on the disk. The FAT virus attacks on the file allocation 
table. 

The FAT virus makes it impossible for 4 computer to locate files. The virus spreads to the files when 
the FAT attempts to access them, thereby penetrating into the entire computer. When a file gets infected, 
to the users, it seems as if the file is missing or inaccessible. 

The FAT virus disrupts a system completely by destroying data and forcing the user to reformat the 


system. 


Worms 

Like viruses, worms are programs written with malicious intentions that can replicate themselves and 
spread across a computer network. However, unlike viruses, most worms do not interfere with the nor- 
mal use of a computer. Moreover, they exist as separate entities and do not attach themselves with other 


files or programs. > ; 
However, worms may also take control over the computers on which they get installed and steal 


confidential data. Once a worm gets installed, it uses the email program of the user to send a copy of 
itself to everyone listed in his email address book. Then, it replicates itself to send itself out to everyone 
listed in each of the receiver's address book, and continues the replication process indefinitely. Worms 

rk servers, and individual 


use a lot of network bandwidth and memory which causes web servers, netwo 
Computers to stop responding. 


puter over the Internet to download 


ES [Once installed, a worm can connect to à remote com 
| a more substantial piece of malicious software. ] 
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m s vulnerabilities on a computer to exploi 


locate: i ^ 
How a worm works A worm is & prep e. E eem Yomputers on its n etwork with vulnere 


i d, the 

them. Once a computer gets infecte poA j i 

bilities so that they can also be etm a To users, it seems as if the Goen cone ¿Eon i 

Where alao sprend en ems the user opens the email, the worm uses Sunt 
known trusted person an 


and address book to copy itself and sj read to other email recipients. 
p! 
Worms can also attack applications such as Microsoft Word and Exce! by inserting malicious 


i ive feature of a w 

i 1. The most destructive n 

: them as an attachment with emai re 
in documents spline iif 2,50,000 times over a period of several Br ma sae a sin 
is that it can repl s also scan for unsecured servers and then replicate an 
a are specifically designed to replicate themselves on specific days 

s i 

special ions. t due to the massive amount of traffic it creates, 


main aim of worms is to slow down the Interne! N ^ rey ap ne 
ish can pres in: SH) access to a website to attack it by sending thoi quests in 


order to crash the site. 


Br Worms also spread through pirated movies. Seas 


How to protect your computer from worms? The following are the ways to protect the computer 
from worms: 
* Always use the latest operating system. 
+ Install antivirus software to remove the worm. N 
+ Install a firewall that will guard against the downloading of the worm. 
+ Update your antivirus software on a regular basis. 


Trojan Horse 
A Trojan horse is a non-self-replicating malicious software that pretends to be harmless so that users can 
easily download it on the computer. It is usually contained inside a harmless program. Once executed, a 
Trojan may slow down the computer, cause loss or theft of data, give unauthorized access to its control- 

ler, ruin the FAT, and install a virus. 


Types of Trojan horses Once a Trojan horse gets installed on your computer, its range of actions can 
vary from being harmless to destructive. For example, a Trojan can cause the following: 


* It might display annoying messages on the screen. 
* It can delete all vital files. 
* It can steal confidential information like passwords, 
* It may install viruses or another Trojan horse on the computer. 
* It may allow the computer to be accessed from a remote machine. 


The following are some common types of Trojan horses, 


Te Trojan horse This type of Trojan horse gives control of the infected compute! 
P à hacker who can alter the registry, rearrange folders, change the login password, upload or download 
es, interrupt the infected computer's communication with other machines, erase files, type messages 


ed 


ae SEGE £ 


vr 


that the user is currently runnin; 
; [pin and even reboot the co Rei open the CD-ROM drive door, play strange noises through 


ing Trojan horse This type of Troj 
jle serving a à E Tojan horse creates ET 
2 the infected machine. With this file server, the ego > “= server (similar to the FTP server) 
a cad: and download files. ) can control network connections, 
ee is so small in size (may be not more than 10 Kb) that it is difficult to 
: online games, funm 
other files that users may download from the ped forwarded messages, attachments in emails, or in 


P ice attack Trojan hi i i 
Denial of service a jj. orse This type is usuall i 
i ly targeted to a primary enabl 
hacker gain mos ee or all computers in its network. After borse e cni d 
flood the targ c, thereby making it impossible for users to access certain websites. 


ü h 
ing Trojan horse Keyloggers record every step of the user's activity on the infected computer 


In ard to the mouse clicks 
(with reg i Foie Mee. dii ‚and keys pressed). It emails the recorded information about keystrokes 
to the hacker. Hac. s use this information for performing card fraud and identity theft. For example. 


kers get information about usernam: i ; 
pet pem thefts. e, password, credit card number, pins, and other valuable data to 
Password Ed Trojan horse This type of Trojan horse is used to steal passwords. Like keyloggers, 
this Trojan also transmits information about passwords to the hacker through email. 
tem killing Trojan horse These Trojans destroy everything in the i j 
N y system. E jl 2 
Killfles.904 and Trojan. KillAV. raring bn the tytn, Exito Rte 
Trojan dropper This type of Trojan horse drops or downloads additional malicious files to the com- 
puter. These malicious files further infect the computer. 
Joke Trojans Such a Trojan horse causes no damage to the computer but plays an annoying sound from 
the speaker or displays irrelevant messages on the screen like ‘Now formatting hard drive’. 
Icondance Trojan This Trojan horse causes no harm to the computer but minimizes all application 
windows and then starts rapidly scrambling all the desktop icons. 
Some more Trojan horses Here are some more types of Trojan horses: 
* Rootkit prevents malicious programs from getting detected. 
* Trojan-FakeAV simulates the activity of antivirus software and aims at extorting money from inno- 
cent users for detecting and removing threats that are not even present on their computer. 


* Trojan-Game Thief steals user account information from online gamers. 

* Trojan-IM steals user's login details and passwords for instant messaging 
MSN Messenger, AOL Instant Messenger, Yahoo Pager, and Skype. — 

* Trojan-Ransom prevents the users from accessing data stored on their computers. The attacker 
unblocks the data only after users pay them the ransom money demanded. Ñ 

* Trojan-SMS sends text messages to premium rate phone numbers from the user's mobile phone. 

* Trojan-Spy spies the user's activities on the computer using keyloggers by taking screenshots or 
getting a list of running applications. 


ES Most antivirus software can detect and remove Trojan horses. 


programs such as ICQ, 
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gaining informati 


4.3.3 Adware 


Also known as advertising-supported so 
advertisements embedded in the application. 
Internet that has an adware embedded in it, the adware 
also spread through email attachments and shared files. 

Adware comes under the category o: 
a form of spyware that tracks the user's Internet surfing 
display advertisements related to them. Users try to avoid th 


and security over the Internet an 


[ES | Adware displays advertisements automatically without the user's permission, 


Unlike spyware, adware does not transfer the user's perso: 
however, slow down the computer speed and allow constant 


4.4 NETWORK ATTACKS 
We will discuss some network attacks in this section. 


titiously monitor: st 
cs 4 is usually used for tracking and stor; 
installing additional software; redirecting web browser, 
reading cookies; reducing 
á " | 
and causing slowdown or even crashing a computer system. Tao PE | 


ftware, adware is any SO) 
When users download a 
gets installed in the user’s computer. They can 


f malware because most of the times, à 
habits and collects information about the user ty 


d also get annoyed due to the distraction caused by them. | 


y the activity on a computer and 
bank, or credit card info, | 


network connection speedy, 
"n 


ftware that is given to the user with 
freeware or a shareware from the 


they are unwanted. They are 
em as they see it as a threat to their privacy 


SEN [ 


nal information to another location. Both, 
pop-up advertisements to plague the user. 


Denial in min (DoS) attack i It is an attempt to make a computer resource unavailable to its intended 
users, ly, DoS attacks (Figure 4.2) target high-profile web servers such as banks, credit card pay- 


ment gateways, government organizations, media, and 
root name servers. The common ways in which DoS 
attacks can be made are as follows. 


Ping of flood In this scheme, the attacker sends numer- 
ous external communication requests to the target 
we so that either it is unable to respond to legit- 
traffic, or responds so slowly as to be rendered 

essentially unavailable. 
ed Z ger a ping packet in the network 
raros ,535 bytes. A packet greater than 
Een cult to handle but may also cause the 
lo crash. Therefore, in this type of attack, ping 


packets of si: 
ig ize greater than 65,535 bytes are deliberately 


CIE te ee | 


Figure 4.2 Denial of service attack 
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5 sage is split into packets. Each packet contains a 
ce number so that the receiver can reassemb Bee us meth 
oo the attacker puts a confusing sequence penal om tat dae nae ehe 
po em to reassemble the message, This 


e number of email messages with large attachments to 

that Other users are denied email services. 

dentifies serious bugs in the target computer system and 
àn input that takes advantage of bugs. These bugs may lead 
ystem to an extent that it becomes unable to be accessed or 


mail 
a A 

n the target system to crash by sending 
e ‚m crash or severely destabilize the s 
wei by other users. 


44.1 Browser Hijacking 


When à brov os iine the attacker modifies the browser to permanently change the home page. 
This 15 basically ue ^ oost web traffic hits or just to be asinine. Browser hijacking attacks are really 
irritating and most of the times, even good antivirus software take a long time to detect and free innocent 
users from such attacks. 


4.4.2 Denial-of-Service Attack 


This type of attack is usually targeted on a primary server to enable a hacker gain control over one, 
several, or all computers in its network. After gaining the control, hackers flood the target server with 
traffic, thereby making it impossible for users to access certain websites. 

The most common type of denial-of-service (DoS) attack occurs when an attacker *floods' a network 
with information. When we type the URL of a particular web page in the address bar of the browser, the 
web browser sends a request to that site's computer server to send that page. The web server can only 
respond to a certain number of requests at once, so if an attacker overloads the server with requests, the 
web seryer either crashes or stops responding to the legitimate users. 

The attacker can even use spam emails to launch a similar attack on an email account. For example, 
every email account has a fixed amount of space for storing emails. By sending many or large email 
messages to the account, an attacker can consume all the storage space to prevent the receipt of any 
legitimate email message. 

Thus, a DoS attack targets the availability of web applications. Unlike other kinds of attacks, DoS 
attacks are not meant to steal information but they are simply done to slow or take down a website. 
These attacks can be very problematic, especially when they cause large websites to be unavailable 
during high-traffic times. Popular websites such as Google, Twitter, and WordPress have been a victim 
of this attack. However, security softwares have been developed that detect DoS attacks and limit their 


effectiveness. 


f Although DoS attacks do not cause loss or theft of confidential data, it can cost the victim 


a great deal of time and money. A 


44.3 Man-in-the-middle Attack 
oofing attack, the attacker intentionally inserts him- 


Ina man-in-the-mi ks 

-in-the-middle (MIM) attack or network sp é tacke 
self into a on ae two persons. Besides deliberately getting in between the persons, the 
stacker impersonates the people in the conversation (acts as proxy to persons) and gains access to the 
information that they were sending to each other. 


gr 


Figure 4. 3 shows how an attacker intercepts, sends ^ and receives data which is meant for 
P are commonly made for financial gains. 
else. MIM ttacks 


How to Prevent Man-in-the-middle Attacks 
The following are the ways to prevent MIM attacks: 


i kets that 
. lement packet filters to inspect pac 
en coming from suspicious IP addresses. 
Normal flow Man-in-the-middle flow 


are exchanged over the network. Such filters cay 


Client 


| 7 MIM Y ut 


Ie 


Server 


| MIM sends the request for 
| User 1 asks user 2 to send | Man-in-the codeword to user 2. User 2 


| | his codeword but «middle thinks it is coming from 
| unknowingly sends to MIM user 1 
| User 1 | MIM sends codeword from User 2 sends his codeword User 2 
| | user 2 to user 1 to MIM unknowingly 
| | [User 1 sends his account MIM replaces user 1's 
| number to user 2 (but account number with his 
| | unknowingly to MIM) own account number 


User 2 transfers the money 
The MIM in MIM's account 
attack unknowingly 
Is complete 


* Avoid trust relationships because such relationships only use IP addresses for authentication. The 
attacker can run spoofing attacks very easily. 
* Implement spoofing detection software. 
* Use cryptographic network protocols like usin; 
| g HTTPS rather than HTTP. S ls send 
encrypted data and, while receiving, authenticates the data. Other such intecis en layer 
security (TLS) and secure shell (SSH). 


Figure 4.3 MIM attack 


4.5 INTERNET FRAUD 


The downside of using Internet services include steali i i ducting fraudulent 
^ g I ing personal informati. i 
transactions, or transmitting the proceeds of fra: HA à 


ud to financial institutions. Such frauds can occur in chs! 
Tooms, emails, message boards, or on websites. Some co; iem 


mmon Internet frauds are discussed here: 


3 Business | 
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SO rchase fraud 


occurs when a criminal 

ent means; for seattle, using a a. " poss roo ah ron aia paye oot ar 
R * ora i 

Ber for the transa ction and lose money as a result. credit card. As a result, merchants do not get 


,„ Online auction fraud occurs when a fraudster starts an online auction of high-priced items on a 


" its payment from the i A x 
website. He accep! ; auction winner, but 2 
T livers a product that is less valuable Mh ons off = either does not deliver the product or 


hie yam ar nes nen accepts services from victims (such as writing 
4 : try, ol i jecti i 
i z mba d. 8) but refuses to reimburse them by rejecting their work 


, phishing is done to acquire sensitive information such as passwords, account numbers, and credit 


details. In this technique, the fraudster constructs a fake website that looks similar to the legit- 

imate site and asks for the user's personal information to steal his information and misuse it. 

+ Stock market fraud includes attempts to manipulate prices of securities on the market for the per- 
sonal profit of the scammer. For example, the scammer spreads false information to cause a dra- 


matic increase in price of thinly traded stocks and the moment prices reach the desired level, the 
scammer sells his stocks to innocent victims, thereby making a substantial profit. 


+ Online intellectual property theft is also common these days. Individuals all over the world who 
share their notes and information on the Internet have exclusive rights on their material. However, 
many people or students just copy and use it without taking permissions from the author. 


4.6 RANSOMWARE 


Ransomware is a subset of malware that locks the data (usually by encryption) on the victim's computer 
and asks for payment to decrypt that data and return access to the victim, as shown in Fig. 4.4. Another 
variant of ransomware (also known as lock screen ransomware) changes the victim's credentials (user- 
name and passwords) so that he/she is unable to use the computing device. The main reason for ran- 
somware attacks is to obtain money from the victim. Unlike other types of attacks, the victim is notified 
that his/her computer has been exploited and instructions are given on how to recover from the attack. 


Payment is then demanded in bitcoin (a virtual or digital currency) so that the cybercriminal's identity 


is not known. The ransom also notifies that if the money is not transferred by a certain date, the key 
required to unlock the device or decrypt files will be destroyed. 


PS [ The malicious user sends a bitcoin address to which the bitcoin is to be transferred. 


How does Ransomeware Spread? 
Ransomware malware can be spread by following ways: 


* Malicious email attachments 2E : i 
* Spam mails that appear to the victim as if they contain invoice, job offers, security warnings, and 
Other legitimate files 

: Infected software apps 

: Infected external storage devices 

j ee websites 

king on pop-up message 
* Visiting a resbala si malicious advertisements 
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and ransomware can be removed with an ant 
never get them back. 


Internet Explorer 
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Figure 4.4 Ransomware 


Famous Ransomware: CryptoLocker and WannaCry 


The first example of a widely spread ransomware attack was Cryptolocker, that was active on the Internet 
from September 2013 through May 2014. Then, in May 2017, a ransomware called WannaCry infected 
and encrypted more than a quarter million systems globally. The ransomware had the ability to auto- 


matically spread across large networks by exploiting a known bug in Microsoft’s Windows operating 
system. 


iden = Fin eq the National Health Service in the UK was heavily affected and was forced to 
ectivel services offline during the attack. According to reports, thousands of companies were 
affected and incurred losses of more than $1 billion. It also > 


x struck Spanish companies such as Telefonia, 
Portugal Telecom, the delivery company FedEx, and a Swedish local authority. 

0 companies worldwide. Windows XP uses 
ded support for this operating system. Microsoft | 


as Microsoft had en 
ttack when it had become se 


vere. | 
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i omware Loc 
d a a ee ee in 2016. Locky was sent to millions of 
aro fi ch contained an invoice or a receipt of order 


users . The victim was asked to e; 5 
4 Word file nable macros to view its content so that the malware could be 


85 |. With every attack, Locky’s auth s 8 
loaded. ors kept on improving the code so that it would be difficult 


tet parvet riana va en an email attachment or the Unsubscribe link in a spam 
email. It can ope! y is offline, and can encrypt more than 400 file types, including 


files. 

databas rs with the security compan; 
Rees) tec and Taiwan. pany Avast had observed 75,000 infections in 99 countries includ- 

security experts Have me a 50% increase in Android ransomware attacks. WannaCry copycat 
"m me X Petit br Ar MEI ue devices in China. Since data can easily be restored by 
p ces, en block the smartph i i i 
syncing : ` artphone instead of just encrypting files. 

similarly, Mac ransomware 1s also on the rise. Cyber criminals either target iCloud accounts or try to 
Jock smartphones through the Find My iPhone system. 


Ransomware Attacks in 2017 


Figure 4.5 shows the 10 countries most affected by WannaCry in 2017. 


Figure 4.5 Countries affected by ransomware 


Ransomware Prevention 


While ransomware attacks may be nearly imposs 
that the damage is minimal and recovery is as qu! 


* Taking back up of computing devices on a regular basis ERE 


a an they are 
* Using good antivirus programs that scan files en may already be on a computer 


* Blocking secret installations and looking for malw i 
* Updating software regularly including antivirus software and the operating system 


ossible to stop, users can take some measures to ensure 
ck as possible. These measures include the following: 
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ing extra cautious while clicking on links > em: 
e er authori ion and access contro en | 
iure a „up blocker on your computing mS T = 
+ Installing a POP-UP 9°, i. They may succeed to decryp is form ait on 
+ Using some deci re Des re = | 
+ Never RT that there is no guarantee that the access would be grante after 
experts have urity 
the payment A ung 
e smart screen. It will help you identify 


o Internet Explorer then turn on th | 
a —_— 


[if you are using x 
| reported phishing and malware websites. 
s long as it has not locked your computing device. In this case, | 
remove it manually or use an antivirus to delete it. : 
then you cannot even enter Windows | 


However, if the computer is infected with a locker ransomware t m enter 
and run applications. To fix this, do a System Restore to restore Windows back to a point in time where 
from a bootable disk or an external 


your computer Was still safe. Second, run the antivirus program 
drive. Third, reinstall your operating system. 


Removing ransomware is quite simple a: 
you can enter Safe Mode and then either 


ystem making it difficult to access 


perating s 
e Master Boot 


| Locker ransomware locks the victim out of the o 
these ransomware infect th 


the desktop and any application or file. Some of 
| Record so that the computer is unable to boot up. 


4.7 HACKING 
Hacking is a practice of identifying weakness or loo i i 

: pholes in a computer system, or a computer appli- 
vmi or a network to exploit its weaknesses to gain access (of course, unauthorized). For a 
cracking a password to access a computer is an act of hacking. Therefore, we can say that hacking means 


gaining unauthorized access for some illicit purpose. 
Correspondingly, the person who performs hacking is known as a hacker. There are three types of 


hackers or we can say that hacking can be done for three reasons 


Do you know that break Ing a security system requires more intell igence and expertise thar 
actually creating one? So a hacker is obvious ly a very telligent anda highly skilled 
? Si H person | 


in computers. 


White hats: A white hat hacker h 
i acks to check the securi i ` 
mee ss are a part of the organization whose inea jenes irre ee 
‘ack hat hackers: They hack t a ainin; 
" o take control over the syst i access | 
à si k 2 steal, or even keep authorized users hun e een 
ackers: They include all the curi er system | 
eh n e curious people who i i | 
M N ential loopholes in the network security system. The s "e en arena | 
weaknesses so that they can be rectified. 13 A AN | 


| 
| 
| 
| 
| 
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je! 


zd spoof? means to hoax, trick, or deceive. Corre 


. spondingly, spoofin, icki ivi 
cren payo do TRIS » Spoofing means tricking or deceiving 
tà com - of another user on the Internet, 5 15 either done by hiding one's identity or faking the 
x identi! fing can be done in several ways. In the 


B that is email spoofing, messages are either 
tia address of another user. However, since most of 
N extremely difficult for unauthorized users to send 


spoofing, the IP address of a certain 
other systems to determine where the computer is 
> : difficult to tra 
in denial-of-service attacks that overloads a server This mi 


ck the source of a message, it is often 
unresponsive to legitimate requests. Fortunately, software securi: 


ay cause the server to crash or make it 
¡dentify denial-of-service attacks and block their transmissions, alata ke ae heed 


In its third icu veis criminal fakes an identity (like an online username). For example, when 

ting on a we arn orum, a user may pretend to be a representative of a company, when actu- 
ally an has no association with it. Moreover, in online chat rooms, users may fake their age, gender, 
and location. 


The only way to prevent spoofing is to make sure that you know who you are communicating with. 


This is especially more important when you are giving out private information over the Internet. Though 
| spoofing may be a part of man-in-the-middle attack, but it is more general. 


IP spoofing attacks usually take place when trust relationships use IP addresses (rather than user 
logins) to verify machines’ identities to access systems. Cyber criminals use spoofing attacks to imper- 
sonate machines with access permissions. 


Prevention 


* Avoid trust relationships 
* Use spoofing detection software 


* Use cryptographic network protocols such as Secure Shell (SSH), HTTP which encrypt data before 
itis sent and authenticate data as it is received 


49 SNIFFING 


Sniffing means monitoring and capturing data that is being transmitted overa network. While a network 
Professional can do sniffing to diagnose network issues, troubleshooting, and analyse network usage; 
malicious users, on the other hand, use it to steal usernames and passwords, network details, credit card 
numbers, etc., to cause monetary and reputational damages. Just imagine how easy it would become for 
a a criminal to access a computer or network when he has all legitimate usernames and passwords 
with him, 

Sniffing can be done using various tools. Sniffing is often known as wiretapping applied to computer 

Networks because it can be compared with ‘tapping phone wires’ to know about the Ss ^ 
niffing can be as simple as plugging into the network using a cable S pra do a e 
tk and sniffing the entire traffic (whether protected or unprotected). g y o 
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for further attacks or to cause other issues for the network or ua, | 


gather information that can be aed 
t dumb utilities that 
us , and review it whene 


based sniffing tools, there are à 
tor traffic without manipu- 


allow you to view only live traffic, 


ver time allows. , 
Iso hardware protocol analyser devices that plug in, 
| 


euer but they also allow snig | 
Sniffing tools 3 
ers to save the data, 
Besides software s 
the network and can moni 
su can be done at any level. It can be done 
cither by an employee of the company or an outsider. It 
is pretty easy for an internal employee as he is already 
connected to the network. An external attacker may 
intercept data at the firewall level or use wireless net- 
works which has made it easy to sit near the network 
and penetrate it to get information (Fig. 4.6). Figure 4.6 Sniffing | 


Types of Sniffing | 
Sniffing can be either active or passive in nature. | 
) Passive sniffing In passive sniffing, the sniffer just monitors and captures the data. They do not alter it | 


in any way. So you can say that passive sniffing allows listening only. 
Active sniffing In active sniffing, the traffic is not only monitored and captured, but i 
altered in some way. i e eon se ee 
Usually, passive sniffing is more difficult to detect h 
“rete ek dei ect and hence a more dangerous attack as the attacker is 


Prevention 
To Dus , E | 
protect confidential information from sniffing, one must take the following measures. | 


* Use encrypted protocols (such as SS 
L, HTTPs, SFTP 
+ Encrypt all sensitive dat. ine : 
> lata before transmitting it. For example, emails can be encrypted using 


* Anti-sniffer software (like Wi A | 
ireshark, ; 

ers, processes, etc , Sniffit, DSniff, Ettercap) can be used to detect known snif- | 

* Modern antivirus or anti | 


=S] ari 
spyware software can also be used to detect and then disable sniffing | 
ig promiscuous mode on network inte; i i | 
‘aces which results In shutting down most sni 
| 
| 


4.10 PHISHING | 


desi : 
= en collect an individual's online bank, credit card % | 
€ web pages, users enter their personal informatio? | 


^ 
id 
^ 


¡dentifying a Phishing E-mail 
i ils are sent out to thousands of diff i i i 
certain email \ ferent e-mail addresses. Most of the times, the phishers do 
bi^ era! Br ie eher Gem pie belong. Therefore, it is advised that one should not open an 
il from ot dealing with. Fo: jeve i i i 
a iia eras rin, r example, do not believe in emails coming from 

There may be ^ m spelling and grammar mistake in the fake email. For example, an email sup- 
posedly coming from Facebook may spell Facebook as Faceebook. Hence, one should check for obvious 
errors. a that th 2 i r ; RUE e . 

If the emai says that there is an error in your account details and you need to rectify them by giving 
the ae afresh by replying to the email, then extra care should be taken to verify the authenticity of 
the mail. y 

E-mails that request an immediate response or give a specific deadline may be fake. Fo 
the email asks you to click on the link to log in and change your account information within 24 hours, 
it may not be a genuine one. 

Phishing emails often have fake links. They often ask you to click on links that seem to, but do 
not actually belong to the original company. For example, “http://fakeaddress.com/faceboo! ” is nota 
Facebook URL. It just specifies a URL with a “Facebook” directory. Another example could be replac- 
ing ‘r’ with ‘n’ or ‘m’ with ‘n’ in a big URL so that the fraud goes unidentified as in http://www.bank- 


ofimdia.com/. 


r example, if 


4.11 SPAMMING 

Spam emails are a common form of fraud in which the fraudster sei 
addresses to corrupt the receivers” computers, steal their identity, or fool them to pay for fraudulent 
products or services. These emails offer false dealings to recipients such as low-interest loans, winning 
lotteries, fancy business proposals, free credit report checks, and relationships with local singles. Spam 
emails require recipients to open the email and click on a link which may also open up the computer to 
a virus, worm, or other bug that will corrupt the computer. 

An email having an attachment from an unknown sender or from a known sender from whom no 
attachment was expected should not be opened as it may contain malicious code. Only .txt file type is 
always safe to click. 

Therefore, we can say that spamming is 
same message for commercial advertising, 
loans at low interest rates. 

Spam can be not only annoying, but also dangerous to consumers. Such emails are simply too good to 
De true, They give lucrative offers and eye-catching or attention-grabbing statements to attract people's 
attention immediately. For instance, certain emails states that you have won an iPhoneX, a lottery, or a 
Prize, or have been given free/easy loan, etc. RER 
Though, these emails are not requested by a user, they are sent. The source and identity ofthe sender 


15 mostly anonymous or unknown. 


nds bulk emails to millions of email 


g the Internet with many copies ofthe 


the process of floodin 
chemes or 


usually for dubious products such as get-rich si 


"E 
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4.12 TECHNOLOGY SOLUTIONS 


The entire concept of data security rests on the CIA (Con! 


iali the ability to 

context, confidentiality refers to ili 
a confidentiality, data is encrypted before it 18 er 
section, we will read about different ways of encrypting . "n 


~ 
urate and availability means that the information is always | 


Integrity ensures that data is acc 
IP d accessible to authorized users. e 
A 


d Availability) pr; 

dentiality, Integrity, an lity) pri 
ia information from unauthorized 

ferred from one computer to en nm 


4.12.1 Data Encryption and Decryption S 

Encryption (Fi i i i ipher text (random data which is mea 
Fi 4.7) is the process of converting data into a cip. e 

mgless). isl ces text means scrambled data, which cannot be easily understood by anyone exce 

authorized parties. For example, if I want to send a message HELLO to my friend and I do not way 

anyone else to read my message, then I can encrypt this message and send the encrypted text across th 

network. The corresponding cipher text for HELLO could be KHOOR. KHOOR is not understood b 


anyone. 
Data at sender's Cipher 
machine text 
(Scrambled text which 
can be deciphered by receiver) 


Figuro 4.7 Data encryption 


Advantage Encryption is done to protect the confidentiality of digital data that is either stored ont 
ee 2 is irre across the network. Many companies store encrypted data in their databas 
ensure that even i i 
er if an attacker gets illegal access to the confidential data, then at least he is not ab 
Nowadays, many encryption algorithms are u: i 
^ sed; beside: 
tion algorithm has the following features: : 


* Authentication to verify the origi 

* i iginator of the m 
Integrity to ensure that the messa lessage. 

: Pudiation to make sure t 


Transmitted 
across the 
network 


providing confidentiality, a sound en 


replaced by the original character, » the third character (in the forward direction) 


direction) is written, 
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If the decryption key Is not known —. 
/ » even then th, 3 J 
x | 9" | applying several decryption algorithms, © attacker may decrypt the message by 
le ——— 


nn 


EN n 22 Symmetric and Asymmetric Encryption 


jon is done using two main techniques (Fi, : 
) i shared-key, one-key, or private-key) iie dd pis li bn ic (also known as secret-key, sin- 
| ge asymmetric (public key) encryption. 


| metric Encryption 


4 ion is basically d. 
s type of encryption is Y done on small amount ymmetri ich i 
lied on plain text (data) to convert it into cipher text. stl, ee yp Ban Mines 
s applied to convert the cipher text into original data, S si eg Sirac 
A good symmetric encryption algorithm is o 
à ne that makes it very difficult, if not i i 
for attackers to decrypt the generated cipher text without knowing the je aed Pis d e 


Requirements The following are the requirements of systematic encryption: 


= #4 ARF 


+ The longer the key, the more difficult it will be to decı i i 
; 3 \ rypt the message. Most symmetric encryption 

algorithms is: a key of 64 bits, 128 bits, 256 bits, and even 512 bits. iu 

+ tis always better to use an encryption algorithm that has b d - 
cessfully resisted all attacks. s been used for several years and has suc 

+ The secret key can be a number, a word, or just 
a string of random letters. For example, ‘hello’ 
can be encrypted as ‘hzexlqlhog’ by inserting a 

| character randomly between any two characters 
in the original message. 

« Both the sender and the receiver know about the 
secret key. 

* The secret key must be changed on a regular 
basis. 

| Drawbacks The following are the drawbacks of systematic encryption: 

* While exchanging the secret key with the receiver across the network, it may get into the hands 
of an attacker. Once the key is known to him, he can decrypt all the messages very easily, thereby 
defeating the whole idea of ensuring data confidentiality. 

* There is no provision for authenticating the sender. There is no way for the receiver to know whether 

| the message has been sent by the intended sender. 


* Data integrity cannot be assured —whether the receive 


Methods of encryption 


Figure 4.8 Encryption methods 


d message is the one that was sent. 


encryption algorithm by using 


Asymmetric Encryption f symmetric 
en symme 
‚mes the limitations O ther in such a way that a mes- 


etri ; ; 
ic encryption algorithm N. encryption are related to each 0 


Dit of keys, Th i 
. The two keys in asymmetri 
“8e encrypted by one raed can be decrypted only by the second Key: 


Vv 


\ 
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p 118 ) formator lic key is given to anyone | 13 sE 
i ile the public ‘te vO) v 
à rivate key. While t d is known only to its | c 
known as public key and P kept secret and is ! | „ve 
Tue feo. rowe the sien key on the other ei = er be encrypted by using the public ke | vo to 
we ich may includo a small text or a ted only by applying the equivajo, 99°) pM 
message (which may Inc ic key can be decryp! jis» 
menge an encrypted by using the public awe 49 we | 
ilarty, any messa i is shown in Fi ud | 
privat Key on the cipher text. This process is S 413 
SF Plain text st! 
Unsecure | „mu 
Sf networks | Yo site a 
Decryption using wel c pre: 
Encryption using private koy Plain text | s o As 
public key cipher text (Readable text) Po pene 
(Reade ex) (Unreadable text) | jnand g 
Figure 4.9 Asymmetric encryption | — fi 
i Ay | gapsmit 
m rtificate authority. || ible set 
[Dy (ct etr arten ar J| 25. 
RNA E The encrypted tex | unwant 
Fi 4.9, the sender uses the receiver's public key to encrypt the message: i sin en Fires 
pala eee the network. The receiver decrypts the cipher text with his private Key to read the every < 
j confidential message. Linux, 
i i i is P2, then the key P1 is known to everyone who testing 
pueri a ss cn he MY T den ae key P2. A user X who wants to send me a con- turned 
fidential data vill encrypt the data using P1. The data encrypted by P1 can be transformed into original | users © 
text only by applying P2. This ensures that the message intended to be read by me is actually read only compu 
Zone . 
by me. 
Key features The key features of asymmetric encryption are as follows: s 
i 
* The two keys are mathematically related to each other. free 0 
* The algorithm used for encryption is universally known. 
e It is impossible to compute the private key if the public key is known. 
Table 4.1 differentiates between symmetric and asymmetric encryption techniques. E 
Table 4.1 Differences between symmetric and asymmetric encryption Ty t 
: Asymmetricle 7 3 The 
| A single secret key is used. A pair of keys is used. E | Pac] 
[ =A | Bas 
| Secret key is known to sender and receiver. Public key is known but private key is kept secret. ] | Pac] 
It is used by the Digital Encryption Standard. — Itis used by Pretty Good Privacy. | s 
f = — | ac 
| k is computationally faster. It is slower than symmetric encryption. > ] | isb 
| It is less complicated. It is more complex. gi x] Sta 
[ — tio, 
| Secret key is shared. Public key is available to everyone; private key is kept ne 


(are secret; and no key Is shared. 


it 3 SECURITY IMPLEMENTATION 


oda) tect our computer or netwo; 
to pro! etwork systems, à : 
| pls MZ, HTTPS, SSL, and website auditing. 8. In this section, 


3.1 Firewalls 


heard people saying, ‘We 
must have » We cannot access F; i 
Waza ie ll Ot word amt be ceed ina arta Ti ner hr 
i no f at may b ^ answer to this question 
js the pres a 'y be a piece of hardware, softwar isi 

t unauthorized access to computers or networks. It exercises full panis euer 


TEPE FA N j 


pre A t of the comput 
in and going Ou o puter to the Internet. All data traffic passes through the firewall as shown in 


Ren set figured 
s are configured with a set of A 

T ad or received across the er en paneer ui A A € e will be 
e set of rules bite manufacturing company, users can also confi; da 4 B ic ly, fore 
js designed to act as a barrier to keep destructive or Sure tuoi HN, FT 
unwanted forces away from your property. 

Firewalls have become so important today that 
every operating system including Windows, Mac, Firewall 
Linux, etc. offer built-in support for maintaining and 


ing firewalls on the computer and the firewall i 101010101000] || 
10100100101 \ k 


sibl 


tumed on by default. Besides the built-in support, 

users can also use third-party firewalls to protect their 

computers. Some examples of third-party tools are 

Zone Alarm, Norton Personal Firewall, Tiny, Black 

Ice Protection, McAfee Personal Firewall, and Trend 

Micro PC-cillin. Many of these tools either offer a |. ; 
free or a trial version of their commercial versions. Figure 4.10 Firewall 


ES | Firewall helps to screen out hackers and malicious software that tries to reach a computer. 


Types of Firewalls 
The different types of firewalls are explained in this section. 
Packet filterin i i i h data packet that either enters or leaves the network, 
g This technique examines eac ap > 
Based on the result of examination, it accepts or rejects the packet depending on user-defined rules. 
Packet filters work mainly on the first three layers of the OSI model. Although packet filtering is a fast, 
ient, and effective technique, it iS difficult to configure and is susceptible to spoofing. Moreover, 
E data exchange or a new one. This 


Packet filter firewalls cannot tell whether a packet is part of an existing 


es each packet is treated in isolation. A 

ua firewalls Stateful firewall paier the ee e nether a packet is the start of a 
Passing through it. This gives enou: informa’ ; udi 
connection, exista RA or not a part of any connection. When the state of the packet 


filters by recording all connec- 


and its Applications In Business 
acket of an existing connection 
that are coming through a 


a 


can speed up Pac 
ae and evaluating 


teway implementation In fished Once the connection is 


allowing 2 P' 


ket processing by (based on rules) 


pep den packets 
mechanisms are implem: 


uri 
of firewall, security Tree plished, packets can floy 


ps LL n epa of Interet application the fi 
oxy service must be Implemented for each type = m appl s 
B l signed For example, there is an HTTP proxy for web services. — — — 

R m one network to another to disallow 


: f fro 

act as an intermediary for requests firewall to block or alloy 

Proxy firewalls Proxy firewalls a ; wall. This enables the proxy ibd 
direct connecti tween either sides of the fin - lication the firewal] 

traffic based on “meres A oe service must be run for each type of Internet app 
will support, like an HTTP proxy for web services. ‘ ers, a firewall is required to pro. 
plication-layer firewalls With increasing attacks against web Servi firewalls are implemented that 

Ap lications running on them. For this, application 

tect servers and the applications B Such a firewall can block spe. 


ication layer). 
y and ped packen on ar os layer (up to the applic plications and protocols (such as 
ific content (such as 


irewall will 


ertain websites) and report when ap} 


HTTP, FTP, and DNS) are misused. : E K 
However, practically speaking, most firewalls use more than one technique to implement security 
mechanisms. 
Firewall Rules 
Firewalls can be configured based on user-defined rules. These rules can be based on the following 
features. 

IP addresses Block data coming from or going to a certain IP address or a range of IP addresses. 
Domain names Allow or disallow data from certain specific domain names or domain name extensions 
such as .edu or .mil. 

Protocols Allow or disallow data that uses protocols such as IP, SMTP, FTP, UDP, ICMP, and Telnet. 


Keywords Allow or disallow data flow that contains certain keywords or phrases. This is done to block 
offensive or unwanted data from flowing in. i 


4.13.2 Demilitarized Zone (DMZ) 


The term cidad was borrowed from military terminology. Basically, a DMZ is an area between tw 
territories that are hostile to one another. This term was first used to refer to the strip of land that sep* 


rates North Korea from South Korea. Similarly, in computer networks, DMZ (also known as perimelt | 


network) separates an internal network from the often hostile territory of the Internet 


In izati i 
Pre ta se) computers that need to communicate directly with the Internet (or any other publi | 
bite p p ie the DMZ and not in the internal network. Although these computers are protec? | 
firewall, re still at risk as they have direct contact with Internet computers. The DMZ‘ | 


only ‘semi- >. It is easi 
nly secure”. It is easier to hack a computer in the DMZ than on the internal network. So eni 
internal network is not compromised because it is ® | 


a computer in DMZ is hacked, the securi 
of thi 
a completely separate, isolated network. 7 z 


| 
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¡des an additional layer of security t 
ge ibis vis thes blemas 4 © the LAN as it restricts hackers from directly access- 


servers an s D 
id isso in bomes is limited. MZ can also be set up on home networks, although its 
et DMZ can be a logical or a physical network actin; i 
8 as a secure bridge between an internal 


Note U^, network. It has limited access 
ternal > 4 to the internal netwo 
firewall before being transferred nicol network, and all of its communication is 


A 


DMZ Is considered more secure, safer th 
en tree eter eo ed a firewall, and can also work as a proxy server. J 


3.3 Secure Socket Layer 


4l 
Secure exist ipe LO E geh ro that uses encryption of messages exchanged between a 
$ ^ unication. To creat: i 
Li ificate. To get this certificate, one must follow the ses pre ds 
m Give all details about his/her website and company. i 
Sup 2: A pair of private and public key is then assigned to the applicant. 
3: Certificate. signing request (CSR) is then submitted to the certification authority (CA). CSR is a 

data file that contains applicant's details as well as the public key assigned to him/ her. 
4: The CA validates the details. 
Step 5: If the authentication is successful, SSL certificate is issued. This certificate would be matched to 
the private key. The certificate includes the domain name, the name of the company, expiration date of 
SSL, details of CA and other things like applicants address, city, state, and country. 
Now, an encrypted link is established. The existence of an encrypted session is indicated by the presence 
ofthe lock icon in the address bar. 

Note that when SSL certificate is instal 
the web server and the browser that connects t 
with “https” instead of “http” and a padlock is shown on the address bar. I 


validation (EV) certificate, then thi 


Step 


lled on a web server, a secure connection is established between 
o it (Fig. 4.11). Moreover, the website's URL is prefixed 
f the website uses an extended 


e browser has a green address bar. 


Figure 4.11 SSL protocol 
Use of SSL 
The SSL protocol is used by millions of online businesses to au LA koc e rer = 
Mich may include their personal information, passwords, OF P idese is issued by a trusted CA. 
ers can interact with secured websites as long as the site's © 


nd its Applications in Bus" 


ga) Information Technology ? 
£ d cy x 
pio ario when fraudsters i ampers and card details, 


: in today's scena A account ^ 
more important In luding banie being transmitted. Therefore, the hee 


according to Google, it is being 


tocol today and. ser. Besides using this 


ink cannot be i E 
ET the most widely used security P! 


re than 50% 
f web pages, 
id voice over IP. 


hrome browse d 
E nn including email, file transfer, 


messaging, an 


Figure 4.12 SSL protocol in action 


Establishing an SSL-encrypted Connection 
Whenever a browser initiates a connection with a SSL secured website, the following things happen: 


* A user requests a secure connection to a website by entering a URL that begins with ‘HTTPS’ in 
the address bar. 
* The browser will first retrieve the site's SSL certificate to check if it is still valid (that it has not 
expired or been revoked). ] 
* Itthen checks whether the CA is trusted by the browser. 
* Then another check is made to ensure that the certificate is being used by the website for which it 
has been issued. 
* i all xd cer checks are successful, then the communicating parties exchange data over the 
erypted link. In case of failure, a warning is displayed to the indicati ite i 
à " user, bsite 15 
not secured by a valid SSL certificate. ig En vee 


* Once an encrypted Connection is establi 
be deciphered b eat 


e it. 


the bi BER transferred between the two parties can only 
y o parties involved. Even if hackers get that data, they will not be able to | 


How Does SSL Work? | 


the domain that Was requested by the user. | 
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nfirms that the websi i i i 
. when the browser co! 1 t Website can be trusted, it creates a symmetric session key that 
jt encrypts with the public key in the website's certificate. The session key is then sent to the web 


b server uses its private key to decrypt the symmetric session key. 


. The 
+ The server sends back an acknowledgement that is encrypted with the session key. 
. From now on, all data transmitted between the server and the browser is encrypted and secure. 


A dvantages of SSL 

+ Data is protected using encryption. 

š Website can build ae with users and gain more number of clicks and business. 

+ This means your we site visitors will be able to clearly see you have a secure operation and will be 
more inclined to complete purchases with you. 

+ Users are sure about the identity of the website. So they cannot be fooled by fraudsters. 

+ Various search engines give (search engine optimization) benefits to https pages over non-https 
pages. Increase in SEO ranking increases customer base of the website. 

» [t protects against phishing attacks. 


ES It is very difficult for cyber criminals to receive a proper SSL certificate. 


Disadvantages of SSL 
Alot of cost is involved to set up a trusted infrastructure and validate the identity. Performance degrades 
with SSL as more server resources are required for encryption and decryption of data. 


4.13.4 HTTPs 


HTTPs is a secure version of HyperText Transfer Protocol (HTTP). The ‘s’ stands for secure. HTTPs 
ensures secure communication between a user’s browser and a web server. A website supporting HTTPs 


protocol has its URL beginning with https://. Moreover, whenever you are accessing a secured website, 
you can always see a green address bar or padlock in the browser window. 

HTTPs is very much important for e-commerce websites 
and those websites that accept online payments or confi- User Normal HTTP (80) 
dential data. It sends this data securely to the server to pre- : 
vent it from being stolen by malicious users. Besides these 
reasons, HTTPs has also become important because now 
Google has announced that HTTPS will be a factor in their 
ranking of the websites. HTTPs either uses SSL or TLS 
(Transport Layer Security) for encrypting data. 
To summarize, benefits of using HTTPs over HTTP include 
the following: 


* Enhances trust of customers by reassuring them that 


User 
EA 
they are using a secure and responsible business 


* Customers are sure about the identity of the business Figure 4.13 HTTP vs HTTPs 
* Increases the ranking by search engine 


Secure HTTPS (443) 


E 
eo 
Encrypted Connection 


an ides authentication. To use HTTPs, a webs; 
afidentiality, HTTPS also Provic™ $ is, For this, the website’s admini ate 


fd sane eel pro 
mc Lean d itself to prove that it's the site it says i ee 

asks a CA (certification authority such as ende m E 
includes ic ke: that in theory cannot e fo: i P x 
HTTPs er of data by ISPs or hackers. They can no longer insert ads or inject code 
designed to compromise a user's computer. 
‚ck certain pages of a site or even just parts of, 


government censor can choose to blo: 
of HTTP and HTTPs. 


) to issue the site a certificate that 


Without HTTPS, a r 
page. Figure 4.13 shows a comparison 


HTTP vs HTTPs l 
On a website supporting HTTP, confidential data can be intercepted, spied 


between the user’s website and the web server. A 
When a HTTP website is accessed, the web server responds to user's requests (from the browser). Al 
the data is exchanged in an unencrypted form. On the other hand, with a HTTPs website, the user's web 


browser and the server first exchange cryptographic keys. These keys are then used by the web browser 
and the web server to send messages that only the other side can decrypt, thereby locking out all hackers, 

HTTPs also provides additional privacy for normal web browsing, making your normal web browsing 
also confidential. So any other person will not be able to know the pages you visited. 


on and even altered by anyone 


Figure 4.14 (a) shows a HTTPs website. 


[By Internet for people, not pr. X \ + 


(€) O A Mel. U9 | https/Awww. 


| € || Search 


A Mozilla Corporation 


Secure Connection 


Figure 4.14 (a) HTTPs website 


Note if i 
if you click on the lock you can see the details of the website as shown in Fig. 4.14(b) 


A Apple Inc, e 


Safari Is using an encrypted connection to www.apple.com : 


Encryption with a digital certificate keeps 
https website wkapplecom, == Information private as it's serit to or from the 


Symantec Corporation has identiti 
Cupertino, California, Bes led www.apple.com as being owned by Apple Inc. In 


Figure 4. 
14 (b) Security details of the HTTPs website 
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„14 WEBSITE AUDIT 


" website audit includes pos activities to review the forms, information, content, graphics, evaluation of 

¿ng and the vn. ol a website. It is especially done to identify and improve any shortcomings that 
might bave been otherwise ignored. During a website audit, factors like traffic are also monitored as it 
plays a key role in the success of a website and generation of sales. 


significance of Website Audit 


+ Itgives an insight into new graphic and strategic ideas. For example, with statistics such as bounce 
rates, time spent on the website, and number of views, a company can discover what content their 
audience enjoys and finds helpful and what turns them off. This information also helps business to 
improve both blog and social media strategies. 

» Ithelps to identify elements that are hampering the website’s current performance. 

+ It reveals a website’s traffic ranking, bounce rates, and search percentages. The traffic report indi- 
cates where traffic to the site is coming from, which search terms (keywords) are being used to 
trigger the site and which websites provide referrals. 

+ It helps to create new online marketing strategies to bring traffic to the website. 

+ A complete website audit reveals broken links and other errors in the HTML code. For example, all 
404 errors needs to be either rectified or redirected. 

+ It helps to review response time and download time. This is very important as a slow loading web- 
site can hinder the success of the website. 

« Character setting is checked as wrong outputs of a page can affect the indexing of website by search 


engines. 
» The file size of the website is checked as a large file size increases the download time. 
+ The page titles and content of the website are checked to ensure that there is no duplication within 


the site. 
+ Know about the most important keywords that are driving traffic to the website. 


* It helps to know about areas for optimization in content. For example, content that is irrelevant or 
outdated and needs to be removed or the content that needs to be redirected. 

* It also helps to know which images are not properly tagged. 

* Checks metadata to ensure that all pages have unique and relevant metadata. Metadata and descrip- 
tions of webpages if not given properly will make it difficult for search engines to find them as they 


would not be able to make out clearly what the web page or website is all about. 
* Check that heading size is uniform and ok (neither too small nor too big). 


* Ensure that the website functions properly on mobiles and tablets. 


* Ensure all web pages have proper URL structures. 
the website are properly indexed and those that need not be 


L Checks whether all important pages on 
indexed are blocked (for example, a “thank you’ page). 
Web audit saves the website from penalization. If the search engine finds that the web page title or the 


ds are not relevant as per its contents, then the website will be penalized. For example, if there 
r nk farming in the website to improve its ranking and traffic, 


have been instances of keyword stuffing or li 

gorli / ; MORENO Ned 
then the website will have to bear penalty from the search engines. A sound website audit can identify 
and correct anything that can lead to instances penalization. 


ness 
its Applications in Busi 
tion Technology and 

126 Informal 
When a website is ier is a Temi 
" discovt jne would display M " " e 
cade sry . So the search eng eI the site. This will au 

about it instantly. rus if they visi d jalon of un cally 


bring down the count of visitors rani c esi. 
A website audit, therefore is necessary to 


TEE! a s: i di — 
— opti nization (SEO) is used to optimize the website; a website ann) 
imi 
Eg | ER et monitor its optimizing process. 20 
e ge rankings and thus increase the 


ds to know about monitoring and 
that should be conducted at leag, 


i d pa; 
Hence, a website audit helps the company to increase em "an 
return on investment (ROL). In short, it provides everything Kor 
maintaining the website. Website audit should be an ongoing pro! 


once a year. Me 
that have automated SEO audit tools which can 


yum á E E iet 
There are many websites on the Intern: heh 
ES | be used by anyone. You just need to enter the URL of the website and the repo be 


| generated in a few minutes. — pote panne ae 


Points to consider before going for a Web Audit 


+ The website should be organized in such a way that users can easily navigate through it. : 
+ There should not be too many items in the navigation bar. Instead of cluttering the navigation bar, 
dropdowns should be used to list all the services. 
* There should be minimum number of tabs in the main menu. 
* Make sure that users do not have to click more than three times to open a particular page. 
* Every page should have a link, button or any other way to return to the homepage. 
* The homepage should not have excess of information. 
* There should be a utility to search for the desired item on a website. 
* Every website must have a Contact Us section giving details of Facebook page, Twitter address, 
email address, phone number, official address, or any other link on the social media. 


Conclusion 


Google makes around 500 changes to its algorithm every year. Even a minor change in the algorithm can 


have a big impact on the performance of the website. Mor i i 
: c - Moreover, penalties for everythi obvious 
link spam to having too many ads on the website makes it ci der SFE 


semi-annually or annually. mandatory for a company to go for a web audi | 


. x the Internet is an insecure channel for exchang- 
iat gig data or messages and intrusion or 
like phishing are very common, some 
methods must be implemented to protect the data. 


* Internet security ensures authenticated access of 
data that is exchanged over the Internet. 


the existing data, add wrong data, or delete 507" 
important data, 


I 


* Authorized or unauthorized users may mod | 


P 


The most common threats to data security comes 


«per from use of malwares or through fraud like 
me 


phishing: once installed, can connect to a remote 
i ari ser over the Internet to download a more 
ubstantial piece of malicious software. 
R F sers must always use the latest operating system 
and antivirus software, 
hâ man-in-the-middle (MIM) attack or network 
attack, the attacker intentionally inserts 
himself into a conversation between two persons. 
. A good symmetric encryption algorithm is 
one that makes it very difficult, if not impos- 
sible, for attackers to decrypt the generated 
cipher text without knowing the key used for 
encryption. 
+. Ransomware is a subset of malware that locks the 
data (usually by encryption) on the victim's com- 
puter and asks for payment to decrypt that data 
and return access to the victim. 
+ Sniffing means monitoring and capturing data that 
is being transmitted over a network. 
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* Phishing is done to acquire sensitive information 


such as passwords, account numbers, and credit 
card details. In this technique, the fraudster con- 
structs a fake website that looks similar to the 
legitimate website. 

* Secure socket layer (SSL) is a security proto- 
col that uses encryption of messages exchanged 
between a web server and a browser in an online 
communication. 

* HTTPs ensures secure communication between a 
user's browser and a web server. A website sup- 
porting the HTTPs protocol has its URL begin- 
ning with https://. 

+ A website audit includes all activities to review 
the forms, information, content, graphics, evalua- 
tion of ranking, and the quality of a website. It is 
especially done to identify and improve any short- 
comings that might have been otherwise ignored. 
During a website audit, factors like traffic are also 
monitored as it plays a key role in the success ofa 
website and generation of sales. 


Accountability The activities of the authorized 
persons are documented to deter employees from 
wrongdoing 


Antivirus A software that prevents, detects, and 
removes malicious software programs such as virus, 
worms, Trojan horses, spywares, adwares, and so on 
that are harmful to computer systems 


Anthentication Confirming the identity of the per- 
son requesting to gain access to a resource. This can 
be done by validating a username and password 


Anthorization Determining the set of actions that 
an authenticated person can perform on a resource. 
For example, an employee working in the Accounts 

is not authorized to access the files of the 
Sales & Marketing department 


Cookie Small-sized files that store information 
about an Internet user on her own computer 


Cracker A person who breaks into the system by 
password cracking or by cracking the security meas- 
ures implemented to protect the data 


Cybercrime Any crime or illegal activity that 
involves a computer and a network 


Cyberstalking Use of the Internet to stalk or harass 
an individual, an organization, or a specific group. 
Cyberstalking also includes monitoring someone’s 
online activity 


Cyberterrorism Disruptive use of IT by terrorists to 
attack networks, computer systems, and telecommu- 
nication infrastructures 


Cyberwarfare Nations using IT to penetrate another 
nation’s networks to cause damage or disruption 


Cyberespionage The practice of using IT to obtain 
secret information without seeking permission from 


its Applications 
=) Information Technology end 


Decryption i ted 
The process of converting encryP! 
data back into its original form so that the receiver 
can correctly interpret its meaning 

Denial of service An attempt to make a CO 
resource unavailable to its intended users 


Encryption The process of converting data into a 
cipher text 
Firewall A piece or hardware, software, or both that 
is installed to prevent unauthorized access to com- 
puters or networks 
Hacking The practice of identifying weaknesses or 
loopholes in a computer system, or a computer appli- 
cation, or a network to exploit its weaknesses to gain 
unauthorized access 
Hacker A person who either breaks into the system 
for which they have no authorization or goes beyond 
their limits of legitimate access 


mputer 


In Business 


i ith wrong intenti 
re Software designed wi in. 
gre em d within legitimate software that r 
either useful or attractive 

Spamming The process of flooding the Internet "k 
many copies of the same message for i 
advertising, usually for dubious products like e 
rich schemes or loan at low interest rates 

Spyware A malicious program that surreptitiously 


monitors activity on a computer and reports tha 
A * 
information to others without the user's consent 


Trojan horse A non-self-replicating malicious sog. 
ware that pretends to be harmless so that users can 
easily download it on the computer 


Virus A small program that gets loaded in the com. 
puter without the user's knowledge and replicates 
itself repeatedly 

Vulnerability assessment An audit or a check that 


is performed to identify potential vulnerabilities ina 
computer system or network 


[ Multiple-choice Questions : | 


1. The term data security includes security of 


(a) data (c) transactions 
(b) information (d) all ofthese 
2. Data security does not include 
(a) authenticated access 
(b) privacy 
(c) integrity 
(d) none of these 
3. Which of the following is not true about a 
(a) He/She breaks into security. 
bn Xt is always an authorized user. 
a crosses the boundary of legitimate 
(d) He/She is always a i 
; person outside of 
Sn ide of the 
4. Whois a cracker? 
(a) Hacker 
(b) One who cracks passwords 


(c) One who bypasses the security mechanism 
(d) All of these 


5. Which of the following is not a threat to data 


security? 
(a) Humans (c) Natural disaster 
(b) Malware (d) None of these 


ES 


Confidential data can be tampered by 
it. 


o deleting (c) stealing 
(b) modifying (d) all of these 
Protecting confidential data includes 


(a) preventing it from being altered 
(b) detecting any attempt to damage, modify, 
or steal it 


(c) recovering lost or dam: 
d data 
(d) all of these a 


The generic term for all types of software 
designed with bad intentions to cause a 
to data security is 


16. 


17, 


18, 


i (c) worm 
em (d) Trojan horse 
The eric term used for a piece of code 
» that is usually embedded within a legitimate 
software e 
() virus (c) worm 
(0) (d) Trojan horse 
"n Lo  replicates itself. 
(a) Virus (c) Adware 
(b) Spyware (d) Trojan horse 
11. Identify the malware which can delete files or 
consume all the memory space. 
(a) Virus (c) Adware 
(b) Spyware (d) Trojan horse 
12. Identify the malware that needs a host file to 
spread itself. 
(a) Virus (c) Adware 
(b) Spyware (d) Trojan horse 
15 The is loaded in memory from the 
bot record. 
(a) MS Office 
(b) operating system 
(c) application software (d) 
utility software 
14. viruses infect only executable files. 
(a) Boot record (c) Stealth 
(b) Program (d) Macro 
15. viruses are a combination of boot 
viruses and program viruses. 
(a) Multipartite (c) Stealth 
(b) Polymorphic (d) Macro 
16. virus will remove the virus code from 
an infected file when antivirus software is run. 
(a) Multipartite (c) Stealth 
(b) Polymorphic (d) Macro 
n. viruses create copies during 
replication. 
(a) Multipartite (c) Stealth 
(b) Polymorphic (d) Macro 
io virus inserts itself in the computer's 
memory. 
(a) Multipartite (c) Stealth 
(b) Resident (d) Macro 


19. virus is dormant when the file is not 
being executed. 
(a) Direct action 
(b) Resident 


20. 


(c) Stealth 
(d) Macro 
____virus changes the paths that 
indicate the location of a file. 
(a) Overwrite (c) Network 
(b) Directory (d) Cavity 
virus multiplies through shared 
resources such as shared drives and files. 
(a) Overwrite (c) Network 
(b) Directory (d) Cavity 
22. When a file gets infected with a virus, 
it seems missing or inaccessible to the users. 
(a) overwrite (c) network 
(b) directory (d) FAT 
— — replicates itself. 
(a) Worm (c) Adware 
(b) Spyware (d) Trojan horse 
is a malicious code that locates 
vulnerabilities on a computer to exploit them. 
(a) Worm (c) Virus 
(b) Spyware (d) Trojan horse 
is a non-self-replicating malicious 
code that can even install a virus. 
(a) Worm (c) Adware 
(b) Spyware (d) Trojan Horse 
may allow the computer to be 
accessed from a remote machine. 
(a) Worm (c) Adware 
(b) Spyware (d) Trojan horse 
Trojan horse floods the target server 
with traffic to make it impossible for users to 
access certain websites. 
(a) Denial-of-service attack 
(b) File serving 
(c) Keylogging 
(d) Password stealing 
28. Antivirus can detect 3 
(a) viruses (c) ransomware 
(b) Trojan horse (d) all of these 
is usually used for tracking and 
storing a user's Internet browsing patterns. 
(a) Worm (c) Virus 


21. 


23. 


24, 


25. 


26. 


27. 


29. 
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(d) Trojan horse 
30. e e t not transfer a user's personal 
I information to another location. 
|! (a) Worm (c) Adware 
(b) Spyware (d) Trojan horse 
31. slows down a computer's speed. 
(a) Virus (c) Adware 
| (b) Spyware (d) All ofthese 
the attacker modifies the 


32. In__4 


browser to permanently change the home page. 


(a) denial-of-service 
(b) spoofing 
(c) browser hijacking 
(d) sniffing 

33. In , the attacker sends numerous 
external communication requests to the target 
machine. 
(a) ping of flood (c) teardrop attack 
(b) ping of death (d) mail bomb 

34. A ping packet in the network that exceeds 


65,535 bytes is sent in attack. 
(a) ping of flood (c) teardrop attack 
(b) ping of death (d) mail bomb 

35. In , the attacker puts a confusing 
sequence number in the packets. 
(a) ping of flood (c) teardrop attack 
(b) ping of death (d) mail bomb 


36. In , unauthorized users send a large 
number of messages with large attachments to 
a particular server to fill its disk space. 
(a) ping of flood (c) teardrop attack 
(b) ping of death (d) mail bomb 
37. Ina attack, the attacker inserts 
himself into a conversation between two 
people. 
(a) man-in-the-middle (c) teardrop attack 
(b) ping of death (d) mail bomb 
38. In a attack, the attacker 
Impersonates the people in the conversation. 
(a) ping of flood 
(b) ping of death 
(c) man-in-the-middle 
(d) mail bomb 
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39. Man-in-the-middle attack can be prevented by 


(a) using an anti-spoofing software 
(b) using HTTPs 
(c) using packet filters 
(d) all of these 

40. In the fraudster constructs a fake 
website that looks similar to the legitimate site 
and asks for the user's personal information to 
steal it. 
(a) online auction fraud 
(b) online purchase fraud 
(c) phishing 
(d) online intellectual property theft 

41. Copy pasting content from a website without 
taking permissions from the author is 


(a) phishing 

(b) violation of intellectual property 

(c) work from home scam 

(d) none of these 
42. Link in a spam email may have 

(a) virus (c) bugs 

(b) worm (d) all of these 
43. A password cannot contain 

(a) characters 

(b) digits 

(c) special characters 

(d) none of these 

44. Which of the following is not necessary while 
working on the Internet? 

(a) To go to a website, type its address in the 
address bar and not click on any link or 
cut and paste its address 

(b) Delete cookies and history of web pages 
browsed 

(c) Do not use an obsolete operating system 

(d) None of these 

45. Antivirus 

from malware, 

(a) deletes the file 

(b) quarantines the file 

(c) deletes the virus code 

(d) all of these 


to protect the computet 


51, 


based antivirus software examines 


type of antivirus, virus i 
ft. Ine by searching for matches in a Mim = 
nents (c) both of these 
O heuristic based (d) none of these 
a The ———— type of antivirus protects 

ihe computer from brand-new viruses, 
(a) signature-based (c) both of these 
) heuristic based (d) none of these 

y. Which of the following approaches does the 
antivirus not use? 

(a) Emulating the beginning of the code of 
each executable 

(b) Emulating the operating system and run- 
ning the executable programs 

(c) Working in the background and monitor- 
ing the computer's activity 

(d) None of these 

50. Identify the incorrect statement. 

(a) Web-based antivirus scans should not be 
done as they are either spyware or Trojan 
horses. 

(b) If there is more than one antivirus software 
installed, then only one of them should 
work in the interactive. 

(c) Firewall exercises full control over data 
packets coming in and going out of the 
computer to the Internet. 

(d) Anti-virus is configured with a set of rules 

that decide the packets to be accepted, 

which will be transmitted or received 
across the network. 


Sl. Firewall can be a 
(@) hardware (c) both ofthese 
() software (d) none of these 


5, 
| —— type of firewall examines each data 
| Packet that either enters or leaves the network. 
(a) Packet filtering 


53, 


55. 


56. 


57. 


58. 


59. 


60. 


61. 
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(b) Stateful 
(©) Circuit-level gatewar 
(d) Proxy sii 
- type of firewall records all 
Connections passing through it. 
(a) Packet filtering 
(b) Stateful 
(c) Circuit-level 
gateway 
(d) Proxy 


firewall act as an intermediary for 
requests from one network to another. 
(a) Packet filtering 
(b) Stateful 
(c) Circuit-level gateway 
(d) Proxy 
Firewalls can be implemented to block traffic 
for one or more 
(a) protocol (c) domain name 
(b) IP address (d) all of these 
is the process of converting data 
into a cipher text. 
(a) Encryption (c) Translation 
(b) Decryption (d) Compression 
Which property is to ensure that the sender 
cannot deny sending the message? 
(a) Authentication (c) Integrity 
(b) Non-repudiation (d) Consistency 
Which property ensures that the message 
has not been modified or tampered during 
transmission? 
(a) Authentication (c) Integrity 
(b) Non-repudiation (d) Consistency 
Which property verifies the originator of the 
message? 
(a) Authentication (c) Integrity 
(b) Non-repudiation (d) Consistency 
is the process of converting 
encrypted data back into its original form. 
(a) Encryption (c) Translation 
(b) Decryption (d) Compression 
Which encryption algorithm uses a single key 
to encrypt messages? 
(a) Symmetric 
(b) Asymmetric 


(c) Both of these 
(d) None of these 
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av 


62. Who knows the secret symmetric key? 


(a) Sender 
ver 
a Mud des following is not a disadvantage of 
the symmetric key algorithm? 
(a) Key may get into the hands of attackers. 
(b) No provision for authenticating the sender. 
(c) Data integrity cannot be assured. 
(d) The secret key can be a number, a word, or 
just a string of random letters. 
64. In asymmetric key encryption algorithm, the 
original message is encrypted using____ key. 
(a) public (c) symmetric 
(b) private (d) none of these 
65. The encrypted message is decrypted with 
key. 
(a) public (c) symmetric 
(b) private (d) none of these 
66. Which of the following is not a feature of 
asymmetric encryption algorithm? 
(a) Both the sender and the receiver know 
about the secret key. 
(b) The two keys are mathematically related to 
each other. 
(c) The algorithm used for encryption is uni- 
! j versally known. 
/ (d) It is impossible to compute the private key 
if the public key is known. 
67. Ina digital signature, the sender signs the 


(c) Both of them 
(d) None of them 


message with his____ key. 
(a) public (c) symmetric 
(b) private (d) none of these 
68. Ina digital envelope, the original message is 
encrypted with ___ key. 
(a) public (c) symmetric 
(b) private (d) none of these 


69. Ina digital envelope, symmetric key is 
encrypted with. key of the receiver, 
(a) public (c) symmetric 
(b) private (d) none of these 
70. A digital certificate has the 4 
(a) digital signature of the certificate-issuing 
authority 
(b) public key of the owner of the certificate 


(c) owner' identity 
(d) all of these 
71. The job of certificate authority is to EC 


certificates. 

(a) issue (c) both of these 

(b) revoke (d) none of these 
72. defines the degree to which data and 


other resources are accessible for use when 


required. A 
(a) Reliability (c) Accessibility 
(b) Availability (d) Readability 

73. Confirming the identity of the person 
requesting to gain access to a resource means 


(c) reliability 
(d) accountability 
. —. determines the set of 
actions that an authenticated person can 
perform on a resource. 
(a) Authentication (c) Reliablity 
(b) Authorization (d) Accountablity 
75. Nations using IT to penetrate another nation's 
networks to cause damage or disruption, this is 
known as " 
(a) cyberterrorism (c) cybercrime 
(b) cyberwarfare (d) cyberespionage 
76. The practice of using IT to obtain secret 
information without Seeking permission from 
its owners is known as s 
(a) cyberterrorism (c) cybercrime 
(b) cyberwarfare (d) cyberespionage 
is a subset of malware which locks 
the data on the victim's computer and asks for 
payment to decrypt that data. 
(a) Ransomware (c) Spyware 
(b) Virus (d) Adware 
78. Ransomware Works by 
(a) changing user's credentials 
(b) encrypting user's files and data 
(c) both of these 
(d) none of these 
79. Payment in case of a ransomware attack is 
demanded in 
(a) Dollars 


(a) authentication 
(b) authorization 
74. 


71. 


(c) Euro 


83. 


8 


(d) Bitcoin 


(b yen i 
ware can get installed through 


$0. R x 

(9 spam emails 

) infected apps 
‘ clicking pop-up messages 
ca) al! of these 
is popular currency among 
E criminals because it is decentralized, 
lated, and practically impossible to 


(c 


sl. 


trace. 
(a) Dollars (c) Euro 
) Yen (d) Bitcoin 
which of the following is not a good way to 
control ransomware attacks? 
(a) Downloading a good anti-virus software 
() Being extra cautious while clicking on 
links in emails 
(c) Installing a pop-up blocker on your com- 
puting device 
(d) Taking back up of computing devices on a 
regular basis 
83. Which of the following is not correct? 
(a) It is possible to delete a ransomware if the 
computer is not locked. 
(b) Anti-virus tools can detect and delete 
ransomware. 
(c) There are decryption tools that can be used 
in case of a ransomware attack. 
(d) Paying ransom guarantees that your files 
will be reusable. 
means tricking or deceiving 
computer systems or users. 
(a) Spoofing (c) Hacking 
(b) Sniffing (d) Tracking 
85. Spoofing is done by 
(a) hiding one's identity 
(b) faking the identity of another user on the 
Internet 
(c) DoS attack 
(d) both (a) and (b) 


u. 
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(a) Spoofing (c) Hacking 
(b) Sniffing (d) Tracking 
87. Avoid trust relationship on the Internet to 
prevent 
(a) spoofing (c) hacking 
(b) sniffing (d) tracking 
88. means monitoring and capturing data 


that is being transmitted over a network. 
(a) Spoofing (c) Hacking 
(b) Sniffing (d) Tracking 

89. Legitimate use of sniffing does not involve 


(a) diagnosing network issues 
(b) troubleshooting network related issues 
(c) analysing network usage 
(d) extracting confidential data 

90. Sniffing cannot be done by J 
(a) internal user (c) wireless user 
(b) external user (d) none of these 


91. In sniffing, the sniffer just monitors 
and captures the data. 
(a) active (c) both of these 
(b) passive (d) none of these 
92. In sniffing, the sniffer alters the data. 
(a) active (c) both of these 
(b) passive (d) none of these 
93. ____ sniffing is more difficult to detect and 
hence is more dangerous. 
(a) Active (c) Both of these 


(b) Passive (d) None of these 
94. Identify the protocol that protects computers 


and users from sniffing attack. 
(a) HTTPs (c) TLS 
(b) SSL (d) All of these 


95. Emails can be encrypted using 
protocol which uses encryption. 
(a) PGP, symmetric (c) DES, symmetric 
(b) PGP, asymmetric 
96. software can detect sniffing. 
(a) Anti-sniffing (c) Anti-spyware 
(b) Antivirus (d) All of these 


86. Identify the attack in which messages are eitheT 97 Identify the incorrect statement. 


sent using a bogus e-mail address, IP address 
of a certain computer is masked, and a cyber 
criminal fakes an identity. 


(d) DES, asymmetric 
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i TTPs provide ——— —— 
unicate 105. H ier O 
(a) Computers that need not — ed undo (a) authentication pee aliy 

directly with the Internet are plat © ae 

i i t statement. 

ER rotected by 106. Identify tbe incorrect $ ined 
ne a (a) Without HTTPS,ag 4 Censor cay 

firewalls. home choose to block certain pages of a ai: 
(c) A DMZ can also be set up on ho! (b) With HTTPs ISPs can no longer insert ag, 
oe or inject code in the website. 


(d) DMZ can be a logical or a physical 
network. 


of messages. 


98. SSL uses __— , 
(c) translation 


(a) encryption n 
(b) decryption (d) compression 
99. To create an SSL connection, one must have an 
SSL N 
(a) signature (c) degree 
(b) certificate (d) password 
100. The SSL certificate contains the 
(a) domain name 
(b) details of CA 


(c) applicant's address 
(d) all of these 

101. The existence of an encrypted session is 
indicated by the presence of a 
(a) lock icon in the address bar 
(b) green address bar 
(c) secured protocol 


(d) all of these 
102. When browsing a website over an SSL 

connection, the URL begins with the____ 
protocol. 

(a) HTTP (c) TLS 

(b) HTTPs (d) SFTP 

103. SSL works with encryption 

algorithm. 

(a) symmetric (c) both of these 

(b) asymmetric (d) none of these 


104. Identify the incorrect statement. 
(a) SSL protects from phishing attack. 
(b) SEO gives higher ranking to websites 
using HTTPs. 
(c) Performance of a website degrades when it 
uses SSL. 
(d) HTTPs use SSL certificates. 


On a website supporting HTTP, confiden. 
tial data can be intercepted, spied on and 
even altered by anyone. 

(d) HTTPs exchanges data in an unencrypted 


© 


form. 
107. HTTPs encryption mechanism requires —— 
key(s). 
(a) one (c) three 
(b) two (d) four 


108. Identify the incorrect statement. 
(a) A website audit includes all activities to 


review the forms, information, content, 
graphics, evaluation of ranking, and the 
quality of a website. 


(b) During a website audit, traffic to a website 


is also monitored. 

(c) Website audit gives an insight into new 
graphic and strategic ideas. 

(d) Website audit does not reveal a web- 
site’s ranking, bounce rates, and search 
percentages. 

109. Website audit does not report . 

(a) response time (c) 404 errors 

(b) download time (d) none ofthese 

110. To control duplication — s 
checked. 

(a) page title (c) keywords 

(b) page content (d) all of these 
111. Identify the incorrect statement. 
(a) Web audit saves the website from 
penalization. 


(b) Web audit helps a website to discover mi 


ware infection. 


(c) Website audit should be an ongoing Pf?" 


cess that should be conducted at least 
a year. 
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of these 
should not have to click more than 
page. 


identify the 
113 The homepage of a website should have 


detailed information about it. 
œ) his mandatory that Contact Us section be 
t in every website. 
(c) The algorithm for ranking the websites is 
the same. 
(d) Every page should have a link, button, or 
any other way to return to the homepage. 
m Website audit should be done at least once 


an 
(a) ina wee! 
(b) every fortnight 
(c) ina month 
(d) in six months 
115. Cybercrime does not involve which of the 
following? 
(a) Using computer as a weapon to attack 
(b) Using computer as an accessory to commit 
a crime 
(c) Attacking a computer 
(d) None of these 
116. The most appropriate term used to denote the 
act of monitoring someone's online activity is 
(a) cybercrime 
(b) internet crime 
(c) cyberstalking 
(d) computer stalking 
117. Hackers who take control over the system for 
personal gains are called hackers. 
(a) red hat (c) grey hat 
(b) white hat (d) black hat 
means gaining unauthorized 
access of a computer system. 
(a) Spoofing (c) Cracking 
(b) Hacking (d) Attacking 


118, 


Security and Encryption 


119. 


means analysing the data that is 
being transmitted over a network to gain access 
to some confidential information. 
(a) Spoofing (c) Cracking 
(b) Hacking (d) Sniffing 
120. _________is done to acquire sensitive 
information such as passwords, account 
numbers, and credit card details by creating a 
fake website that looks similar to the legitimate 
website. 
(a) Phishing (c) Cracking 
(b) Hacking (d) Sniffing 
filetype is always safe to click and 
open. 
(a) .exe (c) docx 
(b) .txt (d) xlsx 
is the process of flooding the 
Internet with many copies of the same message 
for commercial advertising. 
(a) Phishing (c) Cracking 
(b) Hacking (d) Spamming 
123. Which attack targets the availability of web 
applications? 


121. 


122. 


(a) Phishing (c) DoS 

(b) Sniffing (d) Spoofing 
124. The 's' in https stands for 

(a) safe (c) simple 

(b) secure (d) straight 


125. Website audit checks the A 
(a) content (c) performance 
(b) graphics (d) all of these 
126. Which of the following is correct? 

(a) The home page should have maximum 
information. 

(b) Cookies are small-sized files that store 
information about an Internet user on his/ 
her own computer. 

(c) Password cracker is an ethical hacker. 

(d) Authorization means confirming the iden- 
tity of the person requesting to gain access 
to a resource. 


1. (d) 2. 
11. (a) 12. 
21. (c) 22. 


31. (d) 32. 
| 41. (b) 42. 
51. (c) 52. 
61. (a) 62. 
| 74. (o) 72. 
81. (d) 82. 
| 91. (b) 92. 
| 101. (d)102. 
111. (d) 112. 
121. (b)122. 


(d) 3. 
(a) 13. 
(d) 23. 
(c) 33. 
(d) 43. 
(a) 53. 
(c) 63. 
(b) 73. 
(d) 83. 
(a) 93. 
(b) 103. 
(c) 113. 
(d) 123. 


Answers to Multiple-choice Questions 


(d 4 
(b) 14. 
(a) 24. 
. (b 35 
. (d) 45. 


(d) 114. 
(c) 124. 


(d 5. 
(b) 15 
(a) 25. 


(d) 115. 
(b) 125. 


(d) 


- (c) 


(d) 
(d) 
(d) 
(a) 
(a) 
(a) 
(a) 
(d) 


7 
17 
27. 
37 


. (d) 107. 
. (e) 117. 
. (b) 127. 
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Module | 
Unit 5 


Syllabus Mapping 


Tract 2000—Definitions of different terms, digital signature, electronic governance, 
attribution, acknowledgement and dispatch of electronic records, regulation of Er 
difying authorities, digital signature certificates, duties of subscribers. penalties and 
adjudication, appellate tribunal, offences and cybercrimes. j 


5.1 INFORMATION TECHNOLOGY ACT 2000 


High-speed Internet connectivity has no doubt brought about a communication revolution. However, 
on the flipside, it has led to an increase in online crimes. A rise in these offences necessitated effec- 
tive laws for protection online. Keeping this in mind, the Indian Parliament passed the Information 
Technology Act 2000 (No. 21 of 2000). This was conceptualized on the United Nations Commissions 
on International Trade Law (UNCITRAL) model. 

The Government of India enacted the Information Technology (IT) Act with the objective to deliver 
and facilitate lawful electronic, digital, and online transactions, and mitigate cybercrimes. It defines the 
offences, along with the penalties for each category of offence, in detail. 

The IT Act of India provides legal recognition for transactions involving exchange of electronic 


data and other means of electronic communication, commonly referred to as electronic commerce (or 
e-commerce). E-commerce involves alternatives to paper-based methods of communication and storage 


of information. 


5.2 SALIENT FEATURES OF IT ACT 


Some of the key features of the IT Act are listed here: 

Digital signatures have been replaced with electronic signatures. 

A detailed note on offences, penalties, and breaches is given. 

It talks about the justice dispensation systems for cybercrimes. l 

It provides details for the constitution of the Cyber Regulations Advisory Committee. 

The Act is based on The Indian Penal Code 1860, The Indian Evidence Act 1872, The Bankers’ 


Books Evidence Act 1891, The Reserve Bank of India Act 1934, etc. 


S Itadds a provision to Section 81, which states that nothing contained in th 
ht conferred under the Copyright Act 1 957. 


Person from exercising any rig 


eR ene 


e Act shall restrict any 


= yY 
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5.3 DEFINITION 


i tion Te 
The term ‘Act’ here means the Informat 2 
India and is also applicable to any offence or contravention c 


The Act also clarifies that no clause given in this Act shall apply to 


a negotiable instrument as defined in Section 13 of the Negotiable Instruments Act 1881, 


logy Act 2000. The IT Act extends to the whole 
rig ommitted outside India by any person, of 


A a power-of-attorney as defined in Section 1A of the ARMUT MET Act 1882, 

y t as defined in Section 3 of the Indian Trusts Act » n ; ; 

i awil ^ defined in Clause (h) of Section 2 of the Indian Succession Act 1925 including any Other | 
testamentary disposition by whatever name called, : A 

5. any contract for the sale or conveyance of immovable property or any interest in such property, and | 

6. any such class of documents or transactions as may be notified by the Central government in the 
official gazette. 

To read and understand the IT Act, one must know the context in which certain terms are used, The 

following are the key terms. 


Act The Information Technology Act 2000 (21 of 2000) 


Applicant The certifying authority 
Auditor Any internationally accredited computer security professional or agency appointed by the cer- 
tifying authority and recognized by the controller for doing a technical audit of the work done by the 


certifying authority 

Controller The controller of certifying authorities appointed under Sub-section (1) of Section 17 of the 
Act 

Digital signature certificate The digital signature certificate issued under Sub-section (4) of Section 35 
of the Act 

.. asset All information resources utilized in the organization for conducting its business, 
including all the information, applications (i.e., software developed or hased’ l 
(hardware, system software, and networks) E EORUM ai 


Licence A licence (or permission) granted to certifying authorities fc i igital si 
certificates under the defined rules à SEP QUE e 


Licensed certifyii it ifyi i i 
Eu ifying authority The certifying authority who has the licence to issue digital signature 
Person An individual, a company, an association, a body of indivi 

y i , ly of individuals, or the C. ent or 
State government or any of the ministries or departments, agencies or stories ae 
Schedule The Act has two schedules, the First Schedule de 


j aling with doc actions t0 
which the Act shall not apply, and the Second Schedule, dealing wi ee i 
authentication techniques and oia » dealing with electronic signatures or electronic 


Subscriber identity verificati ER : 
subscriber "citet method "The method used to verify and authenticate the identity of? 


Trusted person Any person who has 


l. direct responsibilities towards the day-to-day operations, Security, forman those busi 
fits > , and perfi f those bus" 
ness activities that are regulated under the Act or these rules in respect > Seating: authority; % 
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di involving the i i 
; oa directly E a b epe renewal, suspension, revocation of digital signature certif- 

N - gates (including cation of any person requesting a digital si i 
à *w | x certifying authority), creation of private keys, or et i ns i cote rear = . 
. | aoe cios E nistration of a certifying authority's 
| Any facility from where Internet access is off i 

| ome ee út he publie is offered by any person in the ordinary course of 
| ES The IT Act contains 13 chapters and 90 sections. 
| 53.1 Amendments to IT Act 
The IT Act has undergone amendments, which have been provided in Schedule 144. 


The First Schedule has widened the scope of the term document to bring within its ambit electronic 

documents. 

The Second Schedule pertains to the inclusion of electronic documents in the definition of evidence. 

The Third Schedule amends the Bankers’ Books Evidence Act. As per this amendment, a banker s 

book now includes printouts of data stored in a floppy, disc, tape, or any other form of electromag- 

= | netic data storage device. 

he 4. The Fourth Schedule amends the Reserve Bank of India Act. It regulates the transfer of funds 
through electronic means between the banks or between the banks and other financial institutions. 


1. 


2 
» 


5,4 DIGITAL SIGNATURE 


We use a signature to validate a document. Similarly, a digital signature is a technique that is used to 
validate the legitimacy of a digital message or a document. A valid digital signature assures the recipient 
ui that the message was generated by a known sender. It also rules out the possibility of non-repudiation 


y | (the sender cannot deny having sent the message). 
Electronic signature An electronic signature or e-signature also plays the same role. It ensures that the 
E person who has signed the document has created the message. It also indicates that the person accepts 


the purposes recorded in the document. 
ES {in many companies, digital seals are also required for another layer of authentication and \ 
eun : VIT ON ne 
Digital signature to electronic signature The term digital signature was defined in the old IT Act 
2000. However, the term electronic signature was defined by the amended Act (IT Act 2008). The con- 
cept of electronic signature is broader than digital signature. Section 3 of the Act states that the veri- 
fication of electronic records by electronic signatures or electronic authentication techniques shall be 
i pe ed reliable. hnologi are presently in use— digital signature, biome- 
According to UNCITRAL, the following techno ogies are en ee 
fric device, PIN, password, scanned handwritten signature, signature by digital pen, and clickable ‘OK’, 
TAccept’, or “I Agree’ click boxes. 


tr 
a 
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OVERNANCE M 
ved ELECTRONIC i the application of information and communication tech. 


‘ ce or e-governance is services or exchanging information betwee, 

Electronic ‘all ivering government xs 

nology (I tizen mts severament-o-business (G2B), government-to-government (G2G), goy, 
CT) esi | 


government-to-ci (G2E) as well as back office processes. E-governance enables citizens to 
loyees 


the e- 
services in a convenient, efficient, and transparent manner. To support the governance 


system, IT Act has the following provisions. any other matter in writing or in the 


Legal recogni rds Any information or , 1 
T agen poesie ^mm linn or made available in an electronic form, and made 
typewritten or l 


accessil to be usable for a subsequent reference. f 
Legal Bea of digital signatures According to the law, information = TUN ee shall be 
authenticated by affixing a signature. Documents shall be signed or bear the , 3 E seed Peron 
Such a requirement will be satisfied, if such information or matter 1s authentica! da a digital 
signature affixed in such manner as may be prescribed by the Central government. * 
Use of electronic records and digital signatures by government and its agencies vn facilitates 
the filing of any form, application, or any other document with any office, authority, y, or agency 
owned or controlled by the appropriate government in electronic form. It also allows the receipt or pay. 
ment of money in electronic form. 
The appropriate government (state or central) may define rules regarding the manner and format in 
which such electronic records shall be filed, created, or issued. Rules may also define the manner or 
method of payment of any fee or charges for filing, creation, or issue of any electronic record under 
Clause (a). 
Retention of electronic records The law states that if documents, records, or information is retained 
for any specific period, they may be retained in the electronic form, if 


1. the information contained therein remains accessible so as to be usable for a subsequent reference; 
2. the electronic record is retained in the format in which it was originally generated, sent, or received 
or in a format which can be demonstrated to represent accurately the information originally gener- 
ated, sent, or received; and 
3. the details which provide for the identification of the origin, destination, date, and time of dispatch 
or receipt of such electronic records that are available in the electronic record. 


The only exception to this case can be any 
Purpose of enabling an electronic record to be dispatched or received. 
Publication of rule, regulation, etc., in electronic gazette 
order, est or any other matter shall be pu 
gazette prov t the date of publicati 

Pl re publication shall be deeme: 
Not to eonfer to insi. 

Pu gd ríght to insist document shoul 


or grant) a right 
government or the ght upon any perso 


information which is automatically generated solely for the 


The Act also states that any rule, regulation, 
blished in the official gazette or electronic 
d to be the date of the gazette which was firs 


A 


Serr Y 
seo» Y 


Gao E E SF 
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" sie rules by Central government in respect of digital signature The Central government 
scri 

die type of digital signature; 

format and the way in which the digital signature shall be affixed; 

ps procedure which enables identification of the person affixing the digital signature; 

control processes and procedures to ensure adequate integrity, security, and confidentiality of elec- 

tronic records or payments; and 

any other issue which is used to give legal effect to digital signatures. 


sono 


56 ATTRIBUTION, ACKNOWLEDGMENT, AND DISPATCH OF 
ELECTRONIC RECORDS 


This section mainly deals with electronic contracts. Attribution means the act of establishing a particular 
on as the creator of a work. With respect to the IT Act, attribution of electronic records means fixing 
identity of sender and receiver. It states that originator is a person who sends or generates any electronic 
record and receiver means the addressee. For example if ‘A’ sends an email to ‘B’, then ‘A’ is the sender 
or originator and ‘B’ is the addressee. In case of postal communication or paper communication, it is 
easy to identify originator and addressee but in electronic communication it is not that straight forward 
because the electronic record can be sent by the originator himself, or by the person who has been 
authorized by the originator, or by an information system that the originator has authenticated. 


Attribution of electronic records An electronic record shall be attributed to the originator in the fol- 
lowing cases: 


1. Ifthe record was sent by the originator himself. 

2. Ifthe record was sent by a person who was authorized to act on and send the electronic record on 
behalf of the originator. 

3. If the record was automatically sent 


originator. 


by an information system programmed by or on behalf of the 


Acknowledgment of receipt If a particular form and method of the receipt of electronic record has 
not been mutually decided upon by the originator and addresses, an acknowledgment may be given by 


automated or otherwise; or 


l any communication by the addressee, : 
e originator that the electronic record has been received. 


2. inany other way sufficient to indicate to th 
If the originator has clearly stated that the electronic record shall be binding only on receipt of an 
acknowledgment of the electronic record, unless acknowledgment has been received by the originator, 


the electronic record shall be deemed to have been never sent by the originator. 


If the originator has not stated anything regarding the binding of electronic record only on receipt of 
een received by the originator within the time speci- 


acknowledgment, if the acknowledgment has not b ed r eti 
ed or agreed, or if no time has been specified or agreed to within a reasonable time, the originator may 
8Ve a notice to the addressee stating that no acknowledgment has been received and also specifying a 
"easonable time by which the acknowledgment must be received. Even after doing so, if no acknowl- 
gment is received within the aforesaid time limit, the originator may, after giving a notice to the 
"Ülressee, treat the electronic record as though it has never been sent. 
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i f dispatch has not 
Time f electronic record If the time of d tng 
ving wt ee ee pe nate the dispatch of an electronic record occ whe 
agreed upon between the originator and the 


ide the control of the originator. 
it enters a computer resource eat has not been mutually discussed and agreed upon between te 


meaning of receipt or E 
Inte ud z two scenarios can occur. 


origina! ddressee, » 

vis for the purpose of receiving el 
irst, i ssee has designated a computer resource n 

3 a a asm of the electronic record occurs at the time the record enters the designated con, 


2 Dont. if da aloes has not designated a computer resource, the receipt occurs at the time thy 


electronic record is retrieved by the addressee. he 
i lly discussed and agreed upon between the originator ang 
chess en carte lo be dispatched at the place where the originator has hiy 


addressee, an electronic record is deemed 5 
ei place of business, and is deemed to have been received at the place where the addressee has hig/her 


lace of business. ' n 
j If the place where the computer resource is located is different from the place the electronic record is 


deemed to have been received, and if the originator or the addressee has more than one place of business, 


the principal place of business shall be the place of business. j \ 
daa if the originator or the addressee does not have a place of business, the place of residence (or 


a place where the business is registered) shall be deemed to be the place of business. 


5.7 REGULATION OF CERTIFYING AUTHORITIES 


The working of the computer, computer network, and computer system must have an identification strat- 
egy to ascertain the integrity, confidentiality, and authentication of electronic communication. Usually, 
the electronic environment uses digital signatures to identify and prove transactions. Therefore, there 
is a need for trusted third parties to authenticate that a digital signature belongs to a specific signer and 
distribute them the public keys. So, important terms in this section include: 
the Certifying Authority which issues Digital Signature Certificates by authenticating the subscriber’ 
identity. However, it can issue certificates only after obtaining a licence from the Controller of Certifying 
Authorities or Root Certifying Authority of India (RCAD. 


Appointment of Controller and Other Officers 


The Central government may, by notification in the official gazette, appoint a controller of certifying 

authorities and a number of deputy controllers and assistant controllers as it deems fit for the purposes 

of this Act. 

1. The controller will 
Central government. 


aa contro ller will assign tasks to the deputy controllers and assistant controllers. They will there 


rou i Paci the general superintendence and control of the controller. 
i me qualifications, experience, and terms and conditions of service of the controller, deputy co” 
ers, and assistant controllers shall be laid out by the Central government. 


The 
e ead se and branch office of the office of the controller shall be determined by the Central g0 
ernment. There shall be a seal of the office of the controller. 


perform all his/her functions under the general control and directions of the 


2. 
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jons of Controller 
Jer may perform all or any of the following functions: 


qpe control 
‘ ise the activities of the certifying authorities. 
i certify public keys of the certifying authorities. 
4, Lay down the xciv da maintained by the certifying authorities. Specify the qualifications 
and experience 2 s possessed by the employees of the certifying authorities. 
& i the con s a ler which the certifying authorities shall conduct their business. 
5. Specify the contents of written, printed, or visual materials and advertisements that may be distrib- 
uted or used in respect of a digital signature certificate and the public key. 
6. Lay out the format and content of a digital signature certificate and the key. 
7.5 ify the manner in which accounts shall be maintained by the certifying authorities. 
Specify the terms and conditions under which auditors may be appointed and the remuneration to 
be paid to them. 
, Facilitate the establishment of any electronic system by a certifying authority either solely or jointly 
with other certifying authorities and regulation of such systems. 
10. Specify the manner in which the certifying authorities will deal with the subscribers. 
. Resolve any conflict of interests between the certifying authorities and the subscribers. 
12. List the duties of the certifying authorities. 
Maintain a database of the disclosure record of every certifying authority consisting of all the par- 
ticulars specified by regulations. This database should be made accessible to the public. 


5.8 DIGITAL SIGNATURE CERTIFICATES 


We know that a digital signature certificate is issued by the certifying authorities for validating and cer- 
tifying the identity of the person holding it. The certificate contains information about the user’s name, 
pin code, country, email address, date of issuance of certificate, and name of the certifying authority. 


Certifying Authority to Issue Digital Signature Certificate 
Any person may apply for the issue of a digital signature by the certifying authority in a form as pre- 


scribed by the Central government. 
Every application shall be accompanied by the specified fee (not exceeding twenty-five thousand 
Tüpees) as prescribed by the Central government. This fee will be paid to the certifying authority. 
Every application shall be accompanied by a certification practice statement. In the absence of such a 
fied by the regulations should be attached. 


statement, a statement containing particulars as specifie E sogn eE 
On receipt of an application, the certifying authority may, after consideration of the certification 


Practice statement or the other statement, make enquiries to validate the statement. And in case it deems 
fit the certifying authority grants the digital signature certificate. Otherwise it rejects the application. 


Todetermine whether to grant the digital signature or reject the application, the certifying authority first 


ensures the following: : 

L Whether the applicant holds the private key corresponding to the public key to be listed in the dig- 
ital si i SUM 

a... which is capable of creating a digital signature 


i Whether the applicant holds a private key, 


Y 
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cate can verify a digital signature affixed by the 


Whether the public key to be listed in the certifi 


ivate key held by the applicant E" 
private key ation cannot be rejected unless the applicant has been given reasonable opportunity 


t the proposed rejection. 


3. 


Moreover, an applic 
to show cause agains! " 2 
Ic 
Representations Upon Issuance of Digital Signature Sn 
While issuing a digital certificate, the certifying authority shall certify 
i ecified in this Act; \ 
r the rules and regulations sp gas PARA 


. itis being provided as pe à j 
Y d ay ficate is published, is available 


2. the digital signature certi: 


ted by the subscriber; E Neto 3 i 

3. comen de holds the private key corresponding to the public key which is listed in the digital 
ignature certificate; ks 14 
ae vate key constitute a functioning key pair; 


4. the subscriber's public key and pri 
5. the information given in the digital 
6. it has no knowledge of any fact wi 

would adversely affect the reliability of the repres 


| signature certificate is accurate; and f 4 : 
hich, had it been included in the digital signature certificate, 
entations made in the clauses specified herein. 


Suspension of Digital Signature Certificate 

The certifying authority which issued a digital signature certificate may suspend it in the following 
scenarios: 

1. If it receives a request either from the subscriber listed in the digital signature certificate, or any 


person duly authorized to act on behalf of that subscriber. 
2. Ifthe digital signature certificate should be suspended in public interest. 


However, the digital signature certificate shall not be suspended for a period exceeding 15 days unless 
Haar has been given the opportunity of being heard in the matter. 

'urther, while suspending the digital signature certificate, the certifyi i i 
eee qr c ‚the certifying authority shall communicate 


Revocation of Digital Signature Certificate 


A certifying authority ma; n : e A 
ee ty may revoke a digital signature certificate issued by it under the following 


2 Grm seth a be ab ns person authorized by him/her makes a request to revoke it 
: i E solution of the firm or winding-up of the company where the subscriber is a firm or? 
l iue iem Edd that a material fact represented in the digital signature certificate is 
des Be reed e digital signature certificate was not satisfied 

affect the reliability of the digital hos Beste e id has been compromised in a way that c9? 


C 
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igital signature certifi 
gov a digital signature cate shall not be revoked 
p^ ‘ying authority shall communicate the same to the 


ice of Suspension or Revocation 


om" gital signature certificate is suspended ifyi 
potice of such suspension or revocation. ee an ine 


59 pUTIES OF SUBSCRIBERS 


bscriber is the person who $ ; 
general asul x pays certain subscription amount to avail some kind i 
age , : of service. 
similarly, in the Public Key Infrastructure (PKT), subscriber is the customer who pays to become a ccn 


igital Signature Certificate ‘club’ A 
per of the Digital ate “club”. After sub: Bac : 
Mit is bound to fulfil die following suu for the Digital Signature Certificate, a 


Generation of Key Pair 


Whena digital signature certificate is issued, the public key of the subscriber is mentioned in the certif- 
icate. Now, it shall be the duty ofthe subscriber to generate his/her private key by applying the security 
procedure. The key pair is generated in such a way that any text encrypted using a public key can be 
decrypted by its corresponding private key. 


Acceptance of Digital Signature Certificate 


1. A subscriber shall be deemed to have accepted a digital signature certificate if he/she publishes or 

authorizes the publication of a digital signature certificate to one or more persons or in a repository, 

or approves the digital signature certificate in any manner. 

2. By accepting a digital signature, the subscriber certifies to all those who rely on the information 

contained in the digital signature certificate that 

(a) the subscriber has the private key corresponding to the public key specified in the digital sig- 
nature certificate; 

(b) all representations made by the subscriber to the certifying authority and all the information 
contained in the digital signature certificate is true; and 


(c) all the information in the digital signature certificate that is within the knowledge of the sub- 
scriber is true. 


Control of Private Key 


i i responding to the public key 
^ Every subscriber shall take care to retain control of the private key corresp g p 


listed in his/her digital signature certificate. The subscriber shall take all AE necessary to prevent 

the disclosure of the private key to a person not authorized ip Y nus edite has been 
2. Ifthe private key corresponding to the public key listed in the digital enda ee 
compromised, then, without any delay, the subscriber shall communica\ 


authority in the way as specified by the regulations. 


gu: IE — Y 


in Business 


Information Technology and its Applications 
146 ) 


* 4 4 informs the N 
ubscriber shall be considered liable until he/she 
tates that the s bscrib: ce 


Kran prse key has been compromised. 


authority that the 
ADJUDICATION 


and Computer System 


5.10 PENALTIES AND 
T, 
Penalty for Damage to Computer, ther person who is in charge of a computer, 
ds files, copies, or extracts any data, introduces 


If any person without permission of the owner or en 
en or computer network accesses down! ” A il 
i i mputer virus in it, dama; dam: ied uh rupt t 
S ia S a causes the denial of access to any person autho: ess iti 
or causes its disruption, 
MES i ther person to facilitate access to a computer, com. 
person who provides any assistance to any othe! p 0 " 
eu an uter network or charges the services availed of by a person to the account of 
ics ehe mputer, computer system, or compute network 


person by tampering with or manipulating any coi 0 
Fer ee Gi by way of compensation not exceeding one crore rupees to the person so 


affected. 
Definitions in This Clause 


Computer contaminant It refers to a set of computer instructions that are designed 


1. to modify, destroy, record, or transmit data or programs residing within a computer, computer sys- 
tem, or computer network; or ; 

2. byany means to usurp (take illegally or by force) the normal operation of the computer, computer 
system, or computer network. 


Computer database It refers to a representation of information, knowledge, facts, concepts, or instruc- 
tions in text, image, audio, and video that are being prepared or have been prepared in a formalized 
manner or have been produced by a computer, computer system, or computer network and are intended 
for use ina computer, computer system, or computer network. 
Computer virus It refers to any computer instruction, 
damages, adversely degrades, affects the performance of c 
computer resource and operates when a program, date, 
takes place in that computer resource. 
Damage It refers to the destruction, 
any computer resource by any means. 


information, data, or program that destroys, 
omputer resources, or attaches itself to another 
or instruction is executed or some other event 


alteration, deletion, addition, modification, or re-arrangement of 


Penalty for Failure to Furnish Information and Returns 


fying authority fails to do the same, he/she shall be li 
Patrini e rir shall be liable to a penalty not exceeding one lakh and 
If a person who is su; 


Tf > pposed to file any return or furni h i i locum 
within the time fails to do so, he/she shall be liable to vs B Sense er " 


every day during which such failure continues, Penalty not exceeding five thousand rupees 


T 
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who is expected to maintai 
tain books of accounts or records fails to do the same, he/she 


Ifa P je to a penalty not exceedi 
| be liable ding ten thousand rupees for every day during which the failure 


fue: 
n duary Penalty 

cane cn ante made under this Act, for the contravention of which no 

TN be) has ien irs pac io € liable to pay a compensation not exceeding twenty-five 

d rupee: by such contravention or a penalty not exceeding twenty-five 


Nu. eil rupees. 


ti | power to Adjudicate 
Com, | Forthe purpose of adjudging (make a formal judgment on a disputed matter) if any person has commit- 

| a contravention (an action which goes against a law, treaty, or other ruling) of any of the provisions of 
¡s Act or of any rule, regulation, direction, or order made under the Central government shall appoint 
fficer not below the rank of a director to the Government of India or an equivalent officer of a state 
t to be an adjudicating officer for holding an inquiry in the manner prescribed by the Central 


w 


any O! 
governmen 


t. 
ee 
The adjudicating officer shall give the person reasonable opportunity for making a representation in 


the matter. If, after an inquiry, the officer finds that the person has committed the contravention, he/she 
may impose such penalty, award, or compensation as he/she thinks fit in accordance with the provisions 


of that section. 


No person sha! 
information technology and legal matters as prescribed by the Central government. 


If more than one adjudicating officers are appointed, the Central government shall specify by order 
the matters and places with respect to which such officers shall exercise their jurisdiction. 
Every adjudicating officer shall have the powers of a civil court which are conferred on the Cyber 


Appellate Tribunal. 


Factors to be Taken into Account by Adjudicating Officer 
e adjudicating officer shall consider the following factors: 


11 be appointed as an adjudicating officer unless he/she is experienced in the field of 


225 


While adjudging the compensation, th 


1. the amount of gain of unfair advantage, 
nt 2. the amount of loss caused to any person as a re; 
| 3. the repetitive nature of the default. 


whenever quantifiable, made as a result of the default; 
sult of the default; and 


gs 


5.11 CYBER REGULATIONS APPELLATE TRIBUNAL 
Tribunals are an important feature of the Indian judicial system as they resolve disputes especially those 
j related to technical areas. For this, they require technical knowledge and familiarity with specialized 


y | factual scenarios. 


s | SILI Establishment 
pellate tribunals to be known as 


The Cen E : 
tral tion, establish one or more ap] unal 
government shall, by notifica en le ar 


| he Cyber Regulati ibunal. The Ce 
| egulations Appellate Tribunal. meise edition. 


the matters and places in relation to which the tribunal may 
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5.11.2 Composition 


The Cyber Appellate Tribunal shall consist of only one 
be appointed, by notification, by the Central government. 


5.11.3 Qualifications for Appointment as Presiding Officer of Cyber 
Appellate Tribunal 


A person shall be qualified for appointm 
she is, has been, or is qualified to be a judg 
Indian Legal Service and is holding or has 


5,11.4 Term of Office 


The Presiding Officer of Cyber Appellate Tribunal shall hold office for a term of five years from the dat, 
on which he/she enters upon his/her office or until he/she attains the age of sixty-five years, whichever 


is earlier. 
5.11.5 Salary, Allowance, and Other Terms of Service of Presiding 
Officer 


The salary and allowances payable to, and the other terms and conditions of service including pension, 
gratuity, and other retirement benefits of the Presiding Officer of Cyber Appellate Tribunal shall not be 
varied to his/her disadvantage after appointment. 


person (to be known as the Presiding Officer ^ 


ent as the Presiding Officer of Cyber Appellate Tribunal ifhy 
e of a high court; or if he/she is, or has been, a member Of the 
held a post in Grade I of that service for at least three year, 


5.11.6 Filling-up of Vacancies 


If for any reason other than temporary absence, a vacancy occurs in the office of the Presiding Officer of 
a Cyber Appellate Tribunal, then the Central government shall appoint another person and the proceed- 
ings may be continued before the Cyber Appellate Tribunal from the state at which the vacancy is filled. 


5.11.7 Resignation and Removal 


The Presiding Officer of Cyber Appellate Tribunal may, by notice in writing under his/her hand addressed 
to the Central government, resign his/her office. However, the Central government can permit him/her 
to relinquish his/her office sooner, but make him/her continue to hold office until the Sater of three 
months from the date of receipt of such notice or until a person duly appointed as his/her successor 
enters upon his/her office or until the expiry of his/her term of office, whichever is the earliest. 
The Presiding Officer shall not be removed from his/her office except by an order by the Central 
alle ae as a imus rt or incapacity after an inquiry made by a judge of 
uprem i ing Officer shall be in; i i i 
reasonable opportunity of being heard in respect of pe e i 


The Central government may, by rul i i 
ne eet da es, regulate the procedure for the investigation of misbehavior 0 


5.11.8 Orders Constituting A el 1 
late Ti " 
Invalidate Procesdines ate Tribunal to be Final and not 


The order of the Central gov An ; 
Tribunal shall not be > government appointing any person as the Presiding Officer of a Cyber Appellate 


jestioned in any manner. Moreover, no act or proceeding before a Cyber Aj 


heard. It the 
against. 
The Cyb 
the concern 
The app 
and endeav 
appeal. 


5.11.11 


The Cyber 
1908, but : 
Appellate. 
have its si 


To perfor 
Code of C 


y“ 


A, RES 
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¡shall be called ‘questionable’ in any mann 3 
qi (the Cyber Appellate Tribunal. er merely on the basis of any defect in the constitu- 
;of 0) 


the 
taff of Cyber Appellate Tribunal 


"m 
119 $ shall provid 
t provide the Cyb i 
entral government ST? e Cyber Appellate Tribunal with officers and empl Th 
Tiers and employees shall dischar ge their functions under the general optione hice a 
„Their salaries, any ances, and other conditions of service shall be prescribed by the Central 


p „ernment. 
s.l 1.10 Appeal to Cyber Regulations Appellate Tribunal 


aggrieved by an order made by the controll nat u 
Any N RE EN ler or an adjudicating officer may appeal to a 
oet Appellate Tribunal having jurisdiction in the matter. However, no appeal shall lie to the Cyber 
appellate Tribunal from an order made by an adjudicating officer with the consent of the parties. 

The shall be filed within a period of 45 days from the date on which a copy of the order made 
py the controller or the adjudicating officer is received by the person aggrieved. The appeal shall be in 
the bed format and accompanied by the specified fee. In case the person aggrieved files the appeal 

45 days, it will be accepted only if the Cyber Appellate Tribunal is satisfied that there was sufficient 
cause for not filing it within that period. 
an appeal, the Cyber Appellate Tribunal gives both the parties an opportunity of being 


On receipt of 
heard. It then passes orders as it thinks fit, confirming, modifying, or setting aside the order appealed 


against. > 
The Cyber Appellate Tribunal shall then send a copy of every order made by it to the parties and to 


the concerned controller or adjudicating officer. 
The appeal filed before the Cyber Appellate Tribunal shall be dealt with as expeditiously as possible 


and endeavour shall be made to dispose off the appeal within six months from the date of receipt of the 
appeal. 


5.11.11 Procedure and Powers 
not be bound by the procedure given by the Code of Civil Procedure 
nciples of natural justice and other provisions of this Act. The Cyber 
late its own procedure including the place at which it shall 


The Cyber Appellate Tribunal shall 
1908, but shall be guided by the pri 
Appellate Tribunal shall have powers to regu 
have its sittings. 

To perform its functions, the tribunal shall 
Code of Civil Procedure 1908 while trying 


have the same powers as are vested in a civil court under the 
a suit, in context of the following matters: 


ce of any person and examining him/her on oath 


Summoning and enforcing the attendan 
Finding and producing documents or other electronic records 
iving evidence on affidavits 


1 

2 

3 

T Issuing commissions for the examinati itnesses or documents 
6 

7 


ion of w 
: Reviewing its decisions l 
issing an application for default or deciding it ex parte 
other matter which may be prescribed 
shall be deemed to be a judicial proceeding. 


B E 
Very proceeding before the Cyber Appellate Tribunal 


Y 
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5.11.12 Right to Legal Representation TAI 
i i thorize one OT a 
lant may either appear In person or au > 
edge present his her case before the Cyber Appellate Tribunal 


5.11.13 Civil Court Not to Have Jurisdiction 


icti i i ding of any matter which an adjudicat; 
have jurisdiction to entertain any suit or proceeding à 
prese ey im Tribunal constituted under this Act is en = ee m ali m 
any order in respect of any action taken or to be taken by the adjudicating o! ppellay 


Tribunal according to any power conferred by or under this Act. 


5.11.14 Appeal to High Court nee 

i i ision or order of the Cyber Appellate Tribunal, e/she may file an 
ee En piel di reta from the date of Communication of the decision or the order 
to him/her. If the aggrieved person fails to appeal within 60 days, his/her appeal will be accepted only 
if the High Court is satisfied that the appellant was prevented by sufficient cause from filing the appeal 
within the said period. In that case, the applicant is allowed to file the appeal within a further period not 
exceeding 60 days. 


5.11.15 Compounding of Contraventions 


Any contravention (offence under this law) may be compounded by the controller or other officer spe- 

) cially authorized by him/her or by the adjudicating officer. However, the sum shall not, in any case, 
exceed the maximum amount of the penalty which may be imposed under this Act for the contravention 
so compounded. 


Moreover, nothing in the sub-section shall apply to a person who commits the same or similar contra- 


vention within a period of three years from the date on which the first contravention committed by him 
was compounded. 


Any second or subsequent contravention committed after the expiry of a period of three years 


from the date on which the contravention was previously compounded, shall be deemed to be the first 
contravention. 


5.11.16 Recovery of Penalty 


A penalty imposed under this Act, if not paid, shall be recovered as an arrear of land revenue and the 
licence, the digital signature certificate, and the case shall be suspended till the penalty is paid. 


5.12 OFFENCES AND CYBERCRIMES 


These days, criminals take advantage of IT to affect society in different e dis 
cussed cybercrimes in detail. In this section, we will En the pee "s an have 
been taken by the Government of India to protect its citizens against such attacks. 
The term cybercrime covers a wide range of criminal activities that makes use of a computer. Som 
common examples of such crimes include identity theft, financial fraud, website defacements, 
bullying, hacking of databases, theft of intellectual property, cyber harassment (harassing a person based 
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, racial, religious, or other factors), software pi E 
os ser og access of computerized information to EM transmission of harmful programs, and 


€ ae Era bite pun become popular, financial gain, to take revenge, forging docu- 

ed domes ed pi ae ck can result in financial losses, theft of intellectual 
i To avoid 

eim A t a legislation to ern Technology Act 2000, which is primar- 

5.12.1 Tampering with Computer Source Documents 


son who knowingly or intentionally conceals, destroys, or alters any computer source code used 

a computer, computer program, computer system, or computer network, when the source code is 

required to be kept or maintained by law for the time being in force, shall be imprisoned for three years, 
t which may extend up to two lakh rupees, or be punished with both. 


or fined with ar amount 
Here, the term computer source code means the listing of programs and commands, and the design, 


layout, and program analysis of computer resources in any form. 


5.12.2 Hacking with Computer System 

wrongful loss or damage to the public or any person 

ding in a computer resource or diminishes its value 

damages it by any means, commits hacking and shall be punished with impris- 
or with a fine which may extend up to two lakh rupees, or with both, shall be 

h may extend to two-three years and with fine. 


o knowingly or intentionally causes 


A person wh 
deletes, or alters any information resi 


who destroys, 
or utility, Or permanently 


onment up to three years, 
punished with imprisonment for a term whic! 
5.12.3 Punishment for Sending Offensive Messages through 


Communication Service 


Any person who sends offensive messages using a computer resource or a communication device, or 
who passes any information or electronic mail which he knows is false, but for the purpose of causing 


annoyance, inconvenience, danger, obstruction, insult, injury, criminal intimidation, enmity, hatred, or 
ill-will using a computer resourc tion device, shall be punished with imprisonment for 


e or a communica 
aterm which may extend to two— 


three years and with fine. 

5.12.4 Punishment for Dishonestly Receiving Stolen Computer 
Resources or Communic 

uter resource or communication device 


ation Devices 
À person who di i i tolen comp! 
o di; s or retains any S Y : 
knowin, i u, e to be stolen computer resource or communication device, 
g or having reason to believe the sam B ei viih an amount which 
be either imprisoned with a term which may extend to three years, Xs 
May extend to one lakh rupees, or with both. 
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5.12.5 Punishment for Identity Theft eee 


ic si s. 

i s electronic signatures, s ac, 
fraudulently ie eg pein imprisoned for a term which may €: hres Pa] 
se wich may extend to rupees one lakh. 


A person who 
identification feature O: 
and also be liable to pay a fine 
5.12.6 Punishment for Cheatin 


e resource cheats by personation, he/she shall be 


perso i i ter ] 
" mmunication device or comput Agence: idan 
po A men may extend to three years and also be lial p 


to rupees one lakh. 
5.12.7 Punishment for Violation of Privacy 


i i i f a private 
j i blishes, or transmits the image o area 
intentionally or knowingly captures, pul , or tral e fener S 
" iore ii his i her consent, under circumstances violating a nue sie i ode € 
be i tone for a term which may extend to three years, or fined with an g 


lakh rupees, or with both. 


g by Personation by Using Computer 


Definitions 


Transmit It me: 
persons. 
Capture It refers to the act of filming or recording an image. 
Publish It refers to the reproduction of say, an image, in printed or electronic form, and making it avail- 
able to the public. 


ans to electronically send a visual image with the intent that it be viewed by a person or 


5.12.8 Publishing of Information which is Obscene in Electronic Form 


A person who publishes or transmits or causes to be published in the electronic form, any material 
which is lascivious (feeling or revealing an overt sexual interest or desire) or appeals to prurient (hav- 
ing or encouraging an excessive interest in sexual matters, especially the sexual activity of others) 
interests, or if its effects to deprave (make immoral) and corrupt persons who are likely, having regard 
to rl a circumstances, to read, see, or hear the matter contained or embodied in it, shall be 
punished. 


On the first conviction, he/she shall be imprisoned for a term which may extend to five years and 
ares (eae which ied extend to one lakh rupees. For the second or subsequent conviction, 
on sl Imprisoned for a term which may extend to te i ich 

may extend to one lakh rupees. T ee cer COME 


5.12.9 Power of Controller to Give Directions 


[ ty or any empl ity to whe 
measures or cease carrying on such activities as Specified in the eh nn comp 
» rules, or any regulations made thereunder. Moreover, any person 
be guilty of an offence and shall be liable to be imprisoned fot? 
, or fined with an amount not exceeding two lakh 
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rections of Controll 
512.10 pe crypt Information er to Subscriber to Extend Facilities to 


Jler is satisfied that it is necessary, he/she i 
contro informati Be may, by order, direct any agency of the govern- 
p intercept yim T through any computer resource. This dreisio shall be 
en in the intere: : Integrity of India, the security of the state, friendly relati 
ok “m states or public order, or for preventing inci Rule TRIER Tease 
foreign E incitement to the commission of any cognizable 


wil 


e subscriber or ne pe in charge of the Computer resource shall, when called upon, extend all 
d technical assistance to decrypt the information. If the subscriber or any person in charge 


palitos ho called hi 
jjs to assist the agency who called him/her, he/she shall be imprisoned for a term which may extend 


seta years. 
512.11 Protected System 
The appropriate government may, by notification in the official gazette, declare any computer, computer 
, or computer network to be a protected system. The government may authorize persons who are 
those protected systems. 


allowed to access 
Any person who either accesses or attempts to access a protected system shall be imprisoned for a 


term which may extend to ten years and also be liable to pay a fine. 


5.12.12 Penalty for Misrepresentation 


Whoever makes any misrepresentation or suppresses any material fact from the controller or the certi- 
btaining any licence or digital signature certificate shall be imprisoned for a term 


fying authority for ol 
or fined with an amount which may extend to one lakh rupees, or with 


which may extend to two years, 
both. 

5.12.13 Breach of Confidentiality and Privacy 

electronic record, book, register, correspondence, informa- 


tion, document, or other material without the consent of the person concerned and discloses such elec- 
tronic record, book, register, correspondence, information, document, or other material to any other 
person, he/she shall be either imprisoned for a term which may extend to two years, or fined with an 


amount which may extend to one lakh rupees, or with both. 
5.12.14 Penalty for Publishing Digital Signature Certificate Falsely in 
Certain Particulars 
No person shall publish a digital signature cert 
Person if 
l. the certificate has not been issued; k 
d it; or 


the subscriber listed in the certificate has not accepte: 
the certificate has been revoked or suspended. 


Any Person who does so shall be imprisoned fora term which may extend to two years, 
mount which may extend to one lakh rupees, or with both. 


Ifany person accesses a protected system, 


ificate or otherwise make it available to any other 


or fined with an 
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ose | 
5.12.15 Publication for Fraudulent ice a digital signature certificate for ay 
d owing! blishes, or makes T extend to two years, or 
A dul -— à: Oben e imprisoned for a an: oed may fine 
espiral lakh rupees, or with both. | 
i tend to one E 
with an amount which may ex! qe Commiltiad | 


el 
5.12.16 Act to Apply for Offence or Contrav 
dia y 
itia nr hall apply also to any offence committed outside India by any person e 
The provisions of this sl 


spective of his/her nationality. ‘ 

Moreover, the provisions of this Act shall also dm 
and by any person irrespective of his/her nationality ifthe 
system, or computer network located in India. 


5.12.17 Confiscation 


i i t disks, tape drives, etc.) or any 
ter system, electronic storage device (compac y > x 
eee tut hasten contravened shall be liable to confiscation (the action of taking or seizin 
someone’s property with authority). 


o be applicable to an offence committed outside India | 
onduct involves a computer, Computer | 


5.12.18 Penalties and Confiscation Not to Interfere with Other 
) Punishments 


No penalty imposed or confiscation made under this Act shall prevent the imposition of any other 
punishment. 


5.12.19 Power to Investigate Offence 


A police officer not below the rank of Deputy Superintendent of Police shall investigate any offence 
under this Act. 


* The Government of India enacted the Information 
Technology (IT) Act to deliver and facilitate law- 
ful electronic, digital, and online transactions, and 
mitigate cybercrimes, 

* The IT Act defines the offences in a detailed man- 


ner along with the penalties for each category of 
offence. 


* Digital signature certificate shall not be suspended 
for a period exceeding fifteen days unless the sub- 
scriber has been given an opportunity of being 
heard in the matter, 

When a digital signature certificate is issued, the 
Public key of the subscriber is mentioned in the 
aces The subscriber has to choose a privat 

ey. 

Ifa person who was expected to maintain the book 
of accounts or records fails to do the same, he/sl* 
shall be liable to a penalty not exceeding ten thor 


sand rupees for every day during which the failu® 
continues, 


* The IT Act contains 13 chapters and 90 sections. 

* The Central government may appoint a controller 
of certifying authorities and a number of deputy 
Controllers and assistant controllers as it deems fit 
for the purposes of this Act. 


judge whether any person has committed a 
nu " vention of any of the provisions of this Act, 
cas rnment ‚shall appoint any officer 
P el ow the rank of a director to the Government 
of wal government shall, establish one or 
Te ¡late tribunals to be known as the Cyber 
se ions Appellate Tribunal. 
R presiding Officer of Cyber-Appellate Tribunal 
. al hold office for a term of five years from the 
on which he/she enters upon his/her office 
or until he/she attains the age of sixty five years, 
whichever is earlier. 
+ The person who knowingly or intentionally con- 
ceals, destroys, or alters any computer source code 
used for a computer, computer program, computer 
system, OT computer network, when the source 
code is required to be kept or maintained by law 
forthe time being in force, shall be imprisoned for 
three years, or fined with an amount which may 
extend up to two lakh rupees, or be punished with 
both. 
+ A person who dishonestly receives or retains 
any stolen computer resource or communication 


A ni Ta 


pet anng or having reason to believe the 

Amo! a stolen computer resource or commu- 

nication device, shall be either imprisoned with 

a term which may extend to three years, or fined 

with an amount which may extend to one lakh 

Tupees, or with both. 

Any person who either accesses or attempts to 

access a protected system shall be imprisoned for 

a term which may extend to ten years and also be 

liable to pay a fine. 

A person who knowingly creates, publishes, or 
makes available a digital signature certificate 
for any fraudulent or unlawful purpose shall be 
imprisoned for a term which may extend to two 
years, or fined with an amount which may extend 
to one lakh rupees, or with both. 

Some common examples of cybercrimes include 
identity theft, financial fraud, website deface- 
ments, cyber bullying, hacking of databases, theft 
of intellectual property, cyber harassment (har- 
assing a person based on sexual, racial, religious, 
or other factors), software piracy, transmission of 
harmful programs, and unauthorized access of 
computerized information. 


Anditor Any internationally accredited computer 
security professional or agency appointed by the cer- 
tifying authority and recognized by the controller for 
doing a technical audit of the work done by the cer- 
tifying authority 


Capture To film or record an image 


Computer database A representation of informa- 
tion, knowledge, facts, concepts, or instructions in 
‘ext, image, audio, video that are being prepared, or 
been prepared in a formalized manner, or have 
Produced by a computer, computer system, OF 
Computer network and are intended for use in a com- 
Puter, computer system, or computer network 


nimputer virus Any computer instruction, infor- 
de tion, data, or program that destroys, damages, 


, adversely affects the performance of a 


computer resource or attaches to another computer 
resource and operates when a program, date, or 
instruction is executed or some other event takes 
place in that computer resource 


Cyber café Any facility from where the Internet 
access is offered by any person in the ordinary course 
of business to the members of the public 


Damage Destroy, alter, delete, add, modify, or re-ar- 
range any computer resource by any means 


Digital signature A technique that is used to validate 
the legitimacy of a digital message or a document. A 
valid digital signature ensures the recipient that the 
message was generated by a known sender 


Information asset Refers to all information resources 
utilized in the organization for conducting its busi- 
ness. It includes all the information, applications 


1 Information Technolog) and its ‚Applications in 
56 y 
jj. e., $0) urchased), an echnol- 
| D, 

(i.e. ftware developed or p! ie d d ti 


ogy , system software 3 
i ission) granted to ce! 
Lero A Ta lage of digital signature 
oo under the defined rules D 
certifying authority The certifying 
authority who has the licence to issue digital signa- 


ture certificates 


Multiple-choice Questions 


1. Who issues the digital certificate? 
(a) Controller 
(b) Auditor 
(c) Certifying authority 
(d) Applicant 
2. How many Schedules are there in the IT Act 
2000? 
(a) 3 (c) 6 
(b) 4 (d) 2 
3. What is/are the component(s) of the IT Act 
2000? 
(a) Legal recognition to digital signatures 
(b) Regulation of certification authorities 
(c) Digital certificates 
(d) All of these 
4. Under whom does the controller of certifying 
authorities work? 
(a) Prime Minister's Office 
(b) Reserve Bank of India 
(c) Ministry of Communication & IT 
(d) Autonomous body 
5. Whatis the penalty for publishing images of a 
person's private parts without consent, as per 
the IT Act 2000? 
(a) Five years imprisonment or 5 lakh 
rupees penalty, or both 
(b) Life imprisonment 
(c) Three years imprisonment or 2 lakh 
rupees penalty, or both 
(d) None of these 


Business 


indivi company, or an k 

on An individual, ora associ, 

e or a body of individuals, or Central govem | 
e ernment, or any of the minis: 


ment or à state gov : bs 
or departments, agencies, Or authorities of BN 


governments 
Publishing Repro 
or electronic form 


Transmit Electronically send a visual image via | 
the intent that it be viewed by a person or persons 


ducing say an image, in the pri 
and making it available for Public 


6. What is the time limit for filing an appeal 
against the order of the Cyber Appellate 


Tribunal? 

(a) 30 days (c) 60 days 

(b) 90 days (d) 45 days 
7. What is the punishment for hacking 

computers? 


(a) Three years imprisonment or 10 lakh 
rupees penalty, or both 
(b) Life imprisonment 
(c) Three years imprisonment or 5 lakh 
rupees penalty, or both 
(d) Three years imprisonment and 5 lakh 
rupees penalty 
8. What is the term of the office of the Presiding 
Officer of the Cyber Appellate Tribunal? 
(a) 3 years (c) 6 years 
(b) 4 years (d) 5 years 
9. Which of the following is the court for 
appealing against the orders issued by the 
Cyber Appellate Tribunal? 
(a) Family court (c) High court 
(b) District court (d) Supreme Court 
10. Which of the following is an example of 


intellectual property? 
(a) Trademarks (c) Patent 
(b) Copyright (d) All of these 


11. Transactions carried out using electronic 
data interchange, and other means of 
communication are known as + 
(a) e-communication (c) e-commerce 


Y 


A 


Mi rnance (d) e-filing 
EN authentication to be affected by using 
tig etric encryption and hash function is 
‘ known as — — — \ 
@ public key (c) digital signature 
y private key (d) e-governance 
ig y An electronic record is verified using 
bs (e) public key (c) digital signature 
(b) private key (d) e-governance 


A digital signature is created using 
(8) Cryptography (c) Program 
(0) HTML (d) Coding 
15. A public key is used to 
(a) sign an electronic document 
) verify a signature 
(c) sign digitally 
(d) make payments 
16. The Central government appoints a 
who supervises the work of the certifying 
authority. 
(a) controller (c) subscriber 
(b) commissioner (d) superintendent 
17. The digital certificate is issued in the name of 
the P 
(a) controller (c) subscriber 
(b) commissioner (d) superintendent 
18. A digital signature is issued by the 


LL 


(a) Central government 
(b) state government 
(c) commissioner of certifying authority 
(d) controller of certifying authority 
19. A digital certificate can be revoked by the 


(a) Central government 

(b) state government 

(c) certifying authority 

(d) subscriber 

2. Which of the following is not a part of 
€-governance? 

(a) Use of e-records 

(b) Use of e-gazette 

(c) Recognition of digital signature 


IT Act 2000 and Cybercrimes 


(d) None of these 


21, > controller works under the directions of 
e 


(a) state government 
(b) Central government 
(c) certifying authority 
(d) Supreme Court 

22. Who lays out the format and content ofa 
digital signature certificate and the key? 
(a) State government 
(b) Central government 
(c) Controller of certifying authority 
(d) Supreme Court 

23. The fees to apply for a digital signature should 


not exceed € ; 
(a) 10,000 (c) 30,000 
(b) 25,000 (d) 50,000 


24. The private key is chosen by the 
(a) subscriber 
(b) state government 
(c) Central government 
(d) controller of certifying authority 
25. A digital signature certificate shall not be 
suspended for a period exceeding 
(a) 1 week (c) 1 month 
(b) 15 days (d) 1 year 
26. If the certifying authority finds that a material 
fact represented in the digital signature 
certificate is false or has been concealed, it will 


the certificate. 
(a) suspend (c) cancel 
(b) revoke (d) issue 


27. If the certifying authority’s security system has 
been compromised in a way that can affect the 
reliability of the digital signature certificate, it 


ee Sal certificates. 
(a) suspends (c) cancels 
(b) revokes (d) issues 

28. Ina digital certificate, key of the 
subscriber is mentioned. 
(a) public (c) symmetric 
(b) private (d) session 


29. The penalty for damaging a computer or 
network can go up to T é 


in Business 
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158 ) Information and o ¿on 
(0) imprisonment for three years, or fine wi 
) 1 takh (c) | crore with an amount which may extend up y, of 
o 10 takhs (d) 10 crore two lakh rupees, or = © F 
Q ituro to furnish information p) imprisonment up to three years, or with 
30. Lech i ( Me ich may extend up to two lakh m in 
a $0,000 (c) 1.5 lakh rupecs, of both whi © 
(b) LEAh (0) 2lakh (e) imprisonment for a term which may a 
M in case of adjudging contraventions extend to two-three years with fine L 
enge by do š (d) imprisonment with a term which may que! 
(a) Controller of certifying authority extend to three years or fine with an u Ø 1 
(b) Director amount which may extend to rupees one 
(c) Police Commissioner lakh, or both 
(d) Adjudging Officer 38. The penalty for hacking a computer system is "m 
32. The officers in the Cyber Appellate Tribunal 3 
work under the supervision of ____—- (a) imprisonment for three years, or fine © 
(a) Controller of certifying authority with an amount which may extend up to 
(b) Presiding Officer two lakh rupees, or both 
(c) Police Superintendent (b) imprisonment up to three years, or with @ 
(d) High court judge fine which may extend up to two lakh 
33. Any person aggrieved by an order made by rupees, or both | 
the controller or an adjudicating officer may (c) imprisonment for a term which may 
eppeal to the a extend to two-three years and with fine 42. T 
(a) High court , (d) imprisonment with a term which may — | u 
(b) Certifying authority extend to three years, or fine with an | ( 
(c) Cyber Appellate Tribunal amount which may extend to rupees one | 
(d) Central government lakh, or both 
34 Any nen ne to e 39. The penalty for sending offensive messages is ( 
"y e (c) 60 (a) imprisonment for three years, or fine 
with an amount which may extend up to 
= os E Ms ^: Ampel two lakh rupees, or both 
appeal ore the Cyber Appellate (b) imprisonment up to three years, or fine 
Tribuna! shall be dealt within from which may extend up to two lakh rupees 
the date of receipt of the appeal. or both Y Ortena Up hoo 
(a) 6 months (c) 2 years ic) impri : 
c) imprisonment for a term which may 4, 
(b) I year (d) 3 years ith fine 
XA adire a "me d extend to two-three years and with 
PE re Apelles ) Misura d with a term which may | 
— orders xtend to three ycars, or fine with an 
gre amount which may extend to rupees 00% 
(a) (c) 60 lakh, or with both 
pres um 40. The penalty for dish iving a stole? 
37. The penalty for tampering with computer j a Dem 
is r (a) i q 
documents a) imprisonment for three years, or fine 
with an amount which may extend up Y 
two lakh rupees, or both 


PN 


p to three years, in fine 
ná up lo two lakh rupes», 


apart W 
wil may E6 


NT 
imprisonment for n term which may 
w vend (0 wo threo ycare and with fine 
jig nom with e term which may 
h "gnd 10 MICO years, or fina with an 
m which may extend to rupeca one 
jr both 
tty for identity theft de 
ld in sonment for three yours, or fine 
pr amount which may extend up to 
¿wo lakh rupeos, OF both 
nt up to three years or fine 
may extend up to one lakh rupees 
nt for s term which may 
to two three years and with fine 
imprisonment with a term which may 
to three years, OF fine with an 
h may extend to rupees one 


w 


amount whic 
lakh, or both 
ty for cheating by personification by 
a computer resource is — 
isonment for three years, or fine 
with an amount which may extend up to 
two lakh rupecs, OF both 
(b) imprisonment up to three years or fine 
which may extend up to one lakh rupees 
(c) imprisonment for a term which may 
extend to two-three years and with fine 
(d) imprisonment with a term which may 
extend to three years, OF fine with an 
amount which may extend to rupees one 
lakh, or both 


O. The penalty for violation of privacy is 


(a) imprisonment for three years, OF fine 
with an amount which may extend up to 
two lakh rupees, or both 

(5) imprisonment up to three years or fine 
which may extend up to one lakh rupees 

(©) imprisonment for a term which may 

( extend to two-three years and with fine 

d) imprisonment with a term which may 
extend to three years, or fine with an 


deest wicseto ex 

tih, or bots my wg 

44, The porstty los Cs fort me rn 
£236 (A pltiting dmca An 


with___— 


imprisonment for a term which may 
extend to 10 years and also be liable to 
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term which may 
ars and with fine 


47. Whoever makes any mi 
or suppre: 
Controller or 
obtaining any licence 
certificate shall be - 

for a term which may 


(a) imprisonment 
extend to 10 years and also be liable to 


pay a fine 

(b) imprisonment for a term which may 
extend to two years, OT fine with an 
amount which may extend to one lakh 
rupees, or both 

(c) imprisonment up to three 
which may extend up to one lakh rupees 

(d) imprisonment for a term which may 
extend to two-three years and with fine 


ized with... — - 


years or fine 


48. In case of breach of confidentiality and privacy, 
the penalty is A 


(a) imprisonment for a term which may 
extend to 10 years and also be liable to 


pay a fine 


>= 


| t. (0) 2 (b 
Eunn 


(c) 14. (a) 15. (b 
(b 24 (s) 25. (b 
(c) 34. (b) 35. (a) 
(d) 44. (a) 45. (b) 


21. (b) 22. 
ETETE 
| 44. () 42. (b) 43. 


Business 


49. 


6. 
16. 
26. 
36. 
46. 


(b) imprisonment for a term which 
extend to two years, or fine with an 
amount which may extend to one lakh | 
rupees, Or both 

(c) imprisonment uP to three years or fing | 
which may extend up to one lakh 

(d) imprisonment for a term which may 
extend to two-three years and with fine | 

The penalty for using a digital certificate tha — | 

has been revoked is — 

(a) imprisonment for a term which may | 
extend to 10 years and also be liable to 
pay a fine 

(b) imprisonment for a term which may 
extend to two years, or fine with an 


amount which may extend to one lakh 
rupees, or with both f 6.1 INT! 
(c) imprisonment up to three years or with 3 
fine which may extend up to one lakh word 201 O 
rupees \ Microsoft 
(d) imprisonment for a term which may | » Create 
extend to two-three years and with fine sharing 
» Create 
| « Gener 
| + Desig 
| * Make 
* Creat 
docur 
6.2 OF 
To begin 
ument, oj 
A file 
Step 1: í 
| Step 2: | 
' Step 3; 
Answers to Multi N _— Step 4: 
Itiple-choice Questions | Ane 
() 7. () 8. @ 9. (9 10. (0) | the Title 
Po POM P a. 20. () 
) 27. (b) 28. (a) 29. (c) 30. © 
| 87. lo) 38. () 39. (o) 4o. @ | 
- (b) 48. (b) 49. (b) o 
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glements of 
word Processing 


Syllabus Mapping 


ing with word document—editing text, find and replace text, formatting, spell Module Il 
autocorrect, ao text; bullets and numbering, tabs, paragraph formatting, Unit 6 
t, page formatting, header and footer, macros, drop cap; tables—inse rting, fill 


-g and formatting a table, inserting pictures and video; mail merge— including link- 
ing with database, printing documents; creating business documents using the above 


facilities. 


(| INTRODUCTION 


Word 2013 is a word processing application software developed by Microsoft. It comes as a part of 
Microsoft Office 2013 suite. You can do a lot on MS Word: 
+ Create professional-looking documents with different themes, visual designs, formatting tools, and 


sharing features. 
+ Create and edit personal and business documents including letters, invoices, e-mails, and books. 


+ Generate business reports having various graphics including pictures, charts, and diagrams. 
+ Design flyers, cover pages, and letter heads for personal and business purpose. 


+ Make documents such as résumés or invitation cards. 
* Create a wide range of documents varying from a simple office memo to legal copies and reference 


documents. 


6.2 OPENING, PRINTING, AND CLOSING DOCUMENTS 


try to perform basic operations such as creating a new doc- 


g a document, etc. 
document. Let us create a new document. 


To begin working with MS Word let us now 

"nent, opening an existing document, savin| 
A file created using MS Word is called a 

Step 1: Click on the File tab. 

Step 2: Click on New. 

Step 3: Click on Blank Document from the list 0 


Step 4; Cli 

* Click on Create. : ? 

"e new document is created and Word names it as Document 1. You can see that this name appears in 
Title bar. Now you can type your text in the document area. 


f options as shown in Fig. 6.3. 


— 
keyboard. | 
ES | To create a new document you can also press en T TUM = = Be ee 


Figure 6.1 Creating a new document 


There is another way of opening a file. If you want to open a file that had been used recently, ta 


you can click on Recent option in the File menu. A list of recently opened Word files is displayed. Cit 
on the name of the file that you want to open as shown in Fig. 6.2. 


BEEGEECES 


Figure 6.2 Opening Word document 


editing or inserting new text. But 
you make any changes in it, you must 
again. Even while working on the file, you 
your work every few minutes so that 

i are made permanently in the file. 
To save your changes under the same file 
me. either press Ctrl S keys or click 

ave icon in the File tab. The Save icon is also present on the Quick Access Toolbar. 


Figure 6.3 Saving a document 


a 


typing, press Enter key only when you want to starta 


i 
T 


Page Setup 


Setup dialog box has the following three tabs: : 
; This tab is used for setting margins. You can apply margins either on the whole docun 


You can set the following margins: 
ifies the distance from the top of the page to the first line of the text. 


used to specify the distance from the bottom of the page to the last line of 
f the page to the start of the text. — 


pecifies the distance from the left edge o 
the distance from the right edge of the page to the end of the text, 
ifies an additional space of margin for pages that are to be bound. 4 
tab is used to select the paper size for all the pages in your document. 
inter tray to use for the first and other pages of the Wor document. 


en you want to use a heavier paper or a colo 
er of your document. 


the Close button, You can also press the Alt + F4 keys, Hi 


j a document, click on 


‘closing the document make sure that you have saved your work. ae N pie 
ly, use 
43 N To select ti 
6.3 TEXT CREATION AND MANIPULATIO E. 
this secti i i i i d. Entering text ding d 

will learn about entering and formatting text ın MS Wor g Ho 
cos mii means to apply some styles to the text to make it more presentable and a Press F8 a 
* To selec 
6.3.1 Document Creation em 
- In the last section, we studied that to create a document either press Ctrl + N keys or click * To selec 
followed by New option. Once the document is created type some text. The text would be i ni 
‚position of the cursor. E. 


Inserting text means adding a word or text into the existing content without replacing a ys arrow, Now 
content in the file. To insert text, follow the steps given below: M. 


Step 1: Click on the location where you want to insert text. You can even use arrow keys on. 
~ board to move to the position where you would like to insert the text. 


Step 2: Type the text you want to insert, The new text would be inserted to the left of the 


. selected text. The text will be y ae 
copied on the > 
owing ways. clipboard. 
ght clicking on the selected text and selecti = 
ting Cut a x x 
ing on Cut button available in the Ribbon ig Cut option from the po] 


< Click at the place where you want to paste the sel i i 

| Click E^ selected text. This would move the ci 
wt Perform Paste command by any of the following ways. 
+ Clicking on the Paste button in the Ribbon. 


+ Pressing Ctrl + V keys on the keyboard. 
+ By right clicking at the desired location and selecting Paste option from the pop-up menu. — 


| Sut, Copy, and Paste operations can be performed within the same de 
ross multiple documents. E 


| 43.5 Font and Size Selection 


| Word allows you to use different fonts with di 

hetet and make it more attractive. Generally, 

ings, text, important terms, etc. 

| Follow the steps given below to change the 

| fontand its size: fs 

Sip 1: Select the text whose font and size has | 

be changed. 

Click on the Home tab. 

Click on the triangle next to Font Typeto 
all the fonts available. Select a font. 

ck on the triangle next to Font Size to 

y a font size list. You can also type | 

This is shown in Fig. 6.9- 

n how to grow and s! i 

Fig. 6.10 shows these buttons. 

and click on Shrink button to 


Er 


E 


fferent sizes. This helps you to change the appearance of 1 
we use different fonts and sizes for headings, sub-head- 


4 Yu "Xx M. EA 
1 a eS A uan 
mm y EE EL eek We mo 
n y 


Figure 6.12 Font colour 


3H lighting Text with Colours 
3 a selected text using any colour, follow the following steps: 


gyp: Select the text. 
: sup 2: Click on E triangle next to the Text Highlight Colour button to display a list of colours. When 
move the mouse pointer over different colours, Text Highlight Colour will change automat- 


ically as shown in Fig. 6.13. 


Figure 6.13 Highlighting text 


cta colour by clicking on it. 


plying Text Effects nis 

3 i is is especially useful to design ( 
various effects on text to beautify the document. This is es "ets 
the document. Text effects can be applied by following the steps given ® 3 


indentation means to | 
of the paragraph inward 

of the paragraph. To left 
yh, follow the steps given 


sett dang fundi d eon EAN tat by chong a 
, lock for the selected test from the Quick =p 
| efe pr on the Homme tab. You can siso format 
anywhere on the paragraph. c u eo se 
ywh grap len : 


ek on Increase Indent button avail- 

on Home tab (refer Fig. 6.16) or 
i Ctrl + M keys. To have a deeper 
jndentation you can click multiple 


Figure 6.16 Indentation buttons 


times. 
n left indentation, click on Decrease 
à available on Home tab or press 
Qi Shift + M keys. To remove deeper inden- 
ion, multiple times. 


| y n Right indentation means to | 
h 


ove the right edge of the paragraph inward 
awards the center of the paragraph. To left 
a paragraph, follow the steps given 


lp I: Click anywhere on the paragraph. 
Click on Page Layout tab. 
Sup3: Use the Increase Right Indent spinner 
or Left Indent spinners to increase the 
‘indentation of the paragraph. 

the Decrease Right Indent spinner Figure 6.17 
in Fig, 6.17) to remove indentation. 


Indent Spinner button 


e and Paragraph Spacing 


space between two lines can be adj 
more readable and clear, less space b 
ona single page. Follow the steps give 


space between two lines — 
other hand, helps you to - 
decrease the line or para- 


usted in Word. While more 
etween two lines, on the 
n below to increase or 


click on Line and 


h group of Home tab, 


ample, we put headings in , 
igen An de fist character is capital andy 
= ise character(s) by pressing the Caps 
for, Word also provides features to change the 
low to change the case of text: 


iven be 


e Case button as shown in Fi TO 
e i i next to the Chang G ig 
2: In the Home tab, click on the triangle 


lected text. 
‚Step 3: Click on the option to select a case for your se | 


wer ` 
You can easily change the formatting of selected text in the doc | 
Jook for the selected text from the Quick Styles gallery on the + D 


every first character of every selected word is if 
of a text. It will make a lower case character an t 


6.4.6 | 


In Word 
the text 


hetlialog box shown in Fig. 6.23 appears, 
sarch and then probably replace. 


currences of the text in the document, click Replace All. 


Replace 


¿| Find what || 


| | Replace with: | 


Resa] Grad) (ae 


Figure 6.23 Find and Replace dialog box 


» To skip the current occurrence of the text and proceed to the next, click on Find Next. 3 


Cover eter Ward 


64.6 Spell Check 


ln Word, users can check the spelling and grammar of 
the text all at once by running the spelling and grammar 
lecker. The check can also be done automatically and then piven ek ae 
| Sorrections can be made by the user. Moreover, the auto- 2 

"lie spelling and grammar off feature can be turned off as 
when required. The steps to do this are: 

! Click the File tab to go to Backstage views 
‚on Options as shown in Fig. 6.24. 


m the dialog box that appears, 
left side, 


then click 


click on Proofing 


Figure 6.26 Grammar settings 
6.4.8 AutoCorrect 


By 


default, Word does 
mot check for sentence 

ents (incomplete 
sentences) and run-on 
sentences. To use this 
feature, turn it on by 
clicking on Settings. 
From the dialog box 
that appears as shown 


in Fig. 6.26, check the box next to Fragments and Ru 


Figure 6.25 Wordo 


Word allows th 

lae ie x s e feature to correct typos, capitalization errors, and misspelled 
E id y ae symbols and other pieces of text. By default pe | 

typical symbols, but users can modify it as per the need. Follow the n 


to use the AutoCorrect feature. 
‚Step 1: Click on File tab. 
‚Step 2: Click on Options. 


Step 3: Click on the Proofing tab and then click on AutoCorrect Options as show: o 3 
» aS § nin Fig. 6. 


] 
7 


ords. It is 
s a list of 
en below 


7 Capitalize names of days 
EA Correct accidental usage of CAPS LOCK Kay by 


| Em» 
[V] Automatically use suggestions from the spelling checker 


Figure 6.28 AutoCorrect options 


449 AutoText i 
Users can insert text automatically in Word with blocks of preformatted text from the AutoText gallery. 
Word also inserts text automatically when the user has typed only a few characters. 

Sepl: Select the text or graphics from a document that you want to add in the AutoText entry. 

3192: Press Alt+F3 to open Create New Building Block box (Fig. 6.29), in which you should do the 


following. 


n Macros from Macros group and then select Record Macro (Fig. 6.33). "Yt i 


Pause Recording 


wem übewon [sam 24. 


LES LI TEE = 


borders by using the Borde 
rs and Shading di 
table by clicking on the Cross Icon. hes 


Figure 6.44 Borders 


Customize the border by selecting colour, width, and style for the border. 
umns follow the steps given below: 


shades on a selected table or its rows or coli 


row(s) or column(s). 
ck the Border button to 
‘the Border and Shading option. 
order and Shading dialog box click on the Shading tab (refer, Fig. 6.45) -r 
ons to select fill, colour, and d style and whether this border 


ted text. 
settings and click on OK to apply the changes 


display a list of options to puta border, 


‚6.51 Insert picture 


dialog box that appears, browse your com > 
t and then click on Insert, n puter to locate the pictur 


desired picture is not present in the computer, you can search for it onli sei ' 
nt, Follow these steps to add an online picture. it online de 


. Click at the position in the document where you want to insert a picture, 
gg! Click on the Insert tab and then click Online Pictures as shown in Fig. 6,52, 


HOME INSERT DESIGN PAGE LAYOUT 


mm (3492 e 


Pages Table Pictures Online Shapes n Appsfor Online ; 
» M Pictures ~ G+” Officer | Video M 
Tables Illustrations Apps Media 4 


Figure 6.52 Insert an online picture 


y3; In the Bing Image Search, type the keyword to search for the picture and press the Enter key. 
dot A dialog box showing search results will appear as shown in Fig. 6.53. Select the desired image, 
and click on Insert. 

The image will appear in the document. 


Online image search 


hover you 


i ears, 2 
the pop-up menu that app pop-up menu that appears (Fig. 6.54), 


m d lect the desired option from another 


4 AZ 


8 Co» | step 3: 
| f. Paste Options: | 
= | 
| € 
Edit Picture 
Save as Picture. 
Ey Change Picture... 
: 
& Heins £x In Line with Text. 
erlink... 
z tep 4 
Insert Caption.. Hl Sup 
" Tight 
B Wap Tet m E To ch 
Z Through 
T Size and Position. a 2 Step 
Z Top and Bottom 
YY Format Picture... E 
E Behind Tet Step 
WW Infrontof Text 
YX] Edit Wrap Points Step 
ith Tet 
sition on Page 


Xi More Layout Options... 
Set as Default Layout 
Figure 6.54 Text wrapping an image 


6.10 INSERTING SHAPES 


d a variety of shapes to 
you to draw 4 or aie eee You can even add text in these sha 
es, arrows, equation a = shapes. Some shapes already a 
ta shape in y Pes, flowchart Shapes, stars, b; 
your document. , Stars, banners, 


group, click on Text Box. 

er select a text box (refer Fi 
ig. 6.60) 
p down menu or click on Draw = 


Effects on Text Boxes 
ertypes ofshapes, you can also apply 3D effects 
You can give a 3D appearance to your text box 
her shape by using 3-D Rotation and Bevel. While 
n gives the appearance that you are viewing an 
a different angle, Bevel adds thickness and a 
to shapes. Follow the steps given below to 
ect to any shape including text box. 
the shape. 
on the Format tab. 
the Shape Styles group, click on Shape Effects. 
your mouse over 3-D Rotation. From the 
n menu select one of your choice as 


Microsoft Word that allow 
nt and add a list of name 


de 


vais 


software. 
(c) spreadsheet 
sing (d) animation 
its that cannot be inserted in MS 


most popular word processor. 
oft Word (c) AppleWorks 
(d) OpenOffice.org 
bar displays the name of the 


(c) Title 
(d) Scroll 


Access 


bar contains buttons for frequently 


s (c) Title 
(d) Scroll 
print a document is present 


(c) Page Layout 
(d) View 


and other elements in 
(a) Scroll bars 
(b) File tab 
10. Which view displays pages exactly as. 
appear when printed? 
(a) Full Screen Reading 
(b) Web Layout 
(c) Outline 
(d) Page Layout 
11. Headers and footers cannot be seen in which 
view? : 
(a) Draft (c) Outline. a 
(b) Web Layout (d) Page Layout 
12. bar displays information about. 
document like the total number of n 
words. 
(a) Quick Access 


ik, and Slideshow. 


ntation software developed by Microsoft for Microsoft Wi 
t, shapes, graphics, pictures, and multimedia along with integration wit 
like Word and Excel. A document prepared in Microsoft Presentation is 
ed with the .pptx extension, whereas the file extension of the prior versio 


(MS) PowerPoint is called a presentation software because it helps users to pn 
itations for different purposes. For example, teachers make presentations to 
each students in a class; managers make presentations to present their ideas, introd 
‚or to explain an organizational structure, etc. In this chapter, we will learn how to 
a using MS PowerPoint. 
> chapter starts with an introduction of the MS PowerPoint software and deals with th 
opening, and saving a PowerPoint presentation. We will learn how to apply 
templates, and insert text, Word tables, Excel sheets, pictures, clip art, v 
footers, and other objects. We will learn how to insert or delete slides fr 


The chapter also discusses how to view a Presentation, printing slides, 


A 


Slide Tab | Notes Section 
Quick Access Toolbar Slide Views Zoom Options 


Figure 7.1 PowerPoint window 


ts of Presentation Window 
open existing ones, create new 
uted from this view. 


File tab allows you to save presentations, 
Other file related operations can also be exec 


on (Fig. 7.2) has the following components: 


nt). 
| It is the area where the slide is created 
edited, You can insert, edit, and delete text, 
shapes, and multimedia in this area. 
‘Help The Help icon (2) opens the in-built help of 
PowerPoint and is used to get help related to top- 
ies in PowerPoint. The Help window (Fig. 7.3) 
displays a list of common topics which you can 
browse to find details about a topic of your choice. 
You can even search for specific topics from the 
Search bar at the top. 
Zoom Options Zoom control allows you to zoom 
in for a closer look at the text. It consists of a slider 
that can be slid left or right to zoom in or out. 
You can click on the — and + buttons to increase 
or decrease the zoom factor, The maximum zoom 
supported by PowerPoint is 400%. 100% zoom is 
indicated by the mark in the middle. 
Slide Views The Slide Views are a group of four 
buttons present to the left of the Zoom control, near 
the bottom of the screen. It helps you to switch between PowerPoint views. The different views 
Normal Layout View As the name suggests, this view displays the page in normal view with 
on the right and a list of thumbnails to the left. It is useful while editing individual slides and 


them, 
Slide Sorter View In this view, all the slides are displayed as a matrix. It is useful when you 
to rearrange and not edit the slides. 

Reading View This view is similar to a slide show. Like i fa sli 
‘eading View is si 1 A in case of a slide show, you cannot 
slide = er i ele hee on a slide you will move the presentation to the be. slide. 
unlik ide show w ide, i i i i 
ee ich always starts from the first slide, in the Reading View you can 

Notes Section This section allows 
you to add notes to the i 
; j presentation. These notes 
played on the screen during the presentation but serve as quick reference for the pres 
Quer! Access Toolbar It is present above the File tab and to the left of the Title bar TS 
‚oolbar contains buttons for frequently used com i a 
EL : : mands (like Undo, Redo, i 


* Organizing and formatting 
sides 
* Using masters 


* Working with animation 


* Working with movies 


TITLE 


* Working with transitions 


Figure 7.3 Help window 


| 


tabels Pues Presentations Reports 


| = More 


Figur 


e 7.6 Available templates and themes 


» First, click on Recent Templates to reuse a template that you had recently used. Cli n 
template and then click on Create. y . Click on the desired 


* Second, to use an alread 
and then click on OK. 


y installed template click on My Templates, click on the desired template 


+ Third, to use an absolutely new template, you can search on Office.com, To de i 
ory, Select the template that you want, and then click on Download le en a hom 
temp! m 


— 


Figure 7.11 Deleting a slide 


# 


7.4 PREPARATION OF SLIDES 


In this section, we will learn about adding some objects like pictures, tables, worksheets, etc. 


7.4.1 Inserting Word Table or an Excel Worksheet 
an Excel worksheet in your PowerPoint slide, follow the steps given below: 
Click on the Insert tab. 


the Text group, click on Object. 
ad Object window, select Create from File as shown in Fig. 7.12. 


vse, and in the Browse dialog box, select the Excel workbook. 


‘is not there in your computer, then you can take it from the Internet using the Insert On 
Select the Insert tab. 
Click on Online Pictures. 
Enter the name of the picture you want to search for. 


re 7.16 Inserting charts in a slide 


.4 Resizing and Scaling an Object 
Resizing and scaling stretches or shrinks the dimensions of an object. To resize or scale a pi 
the steps given below: 
_ Step 1: Click on the object that you want to resize. 


| Step 2: To increase or decrease the size in one or more directions, drag the sizing handle aw 
2 ard the center (Refer Fig. 7.17). 


tow: 
E an object to an exact height and width, follow the steps given below: 
Step 1: Click on the object that you want to resize. 


‚Step 2: Click on the Format tab. 
‚Step 3: In the Size group, enter the desired measurements in the Height and Width boxes 


Sizing handle 


Applying effects to a line 


of the line, follow the steps given below: 


Format tab. 
small arrow next to the Shape Outline (Refer Fig. 
e desired color. The color of the line will be changed. 


7.24). 


Figure 7.24 Changing the color of the line 


To change the style of the line, cli 
| ; e line, click on the small arrow next to Shape Outl 
the desired style as shown in Fig. 


Jane" 


Figure 7.29 Notes displayed using the Notes Page View 


Notes Page view also helps users to view your own notes in a page view. Each slide created 
s its own note page. These pages can be printed to be used as a reference while delivering the 
tion. The notes do not show on the screen during Slide Show view. 

“access the Notes Page view, click on the View tab. From the Presentation Views group click on 
tes Page button. The upper box of the page will display a single slide and the lower box of the 
the Notes area. i E 
Zoom slider is placed towards the right on the Status bar to get a better, zoomed-in view of 
rt of the Notes. Putting notes in the Notes section of either Notes Page visor Nalindl b 

way of including reminders about topics that you have to discuss while SEAT We i 


Kod | 
| slide or from any slide of the slide sh 


E o advance through the slides. Follow the steps 
rted, you can deci 


Ste I: Click on the Slide Show tab. J 
Step 2: From the Slide Show group, click on the From Begin: 


ning command (as shown in Fig. 7.33 
how from any other slide, select the 
n is useful if you want to view only certain slides, 


the slide show with the first slide. To start the slide s 
click on From Current Slide. This optio! 


Figure 7.33 Starting presentation from 
the first slide 


An alternate way to start the slide show is to select Slide Show view at the bottom of the window as 
shown in Fig. 7.34. 

Click on the right arrow to advance slides and the left arrow to 
reverse slides. These arrows are present on the bottom-left cor- 
ner of the screen. You can also use the arrow keys on your key- 
board to advance and reverse slides. a 

To stop or end a slide show, right click on the box and select 
End Show as shown in Fig. 7.35. An alternate way to end the 
presentation is to press the Escape key. 


Figure 7.34 Slide Show view 


7.7.2 Setting the Timing and 
Transition g and Speed of a 


next slide. ' 
stop recording the time. 
restart recording the time after pausing. g 
e length of time in the Slide Time box to set an exact length of 
’ 1 on the screen. ý 
(e) Repeat to restart recording the time for the current slide. 
box displays the total time 


After you set the time for the last slide, a message i 
the recorded slide timings. Click on Yes to record and click on. 


as to keep 
slide timings. 
the time of each slide in your pre 


Finally, Slide Sorter view will be opened to display 
To automate a slide show, you can also record narration in it. A recorded PowerPoint: 
be played back at any time. The prerequisite of recording narration is to have a micropho 


ration increases the size of presentation. Therefore, such a 


L| 
_ Follow the steps given below to record narration in your PowerPoint presentation: 


Step 1: Click on Slide Show. 
^ Mir" Up group, click on Record Slide Show. 
a 
Click E A E. Eorum The slide show will begin. Speak i 
Being CI on Ye an usen an and sel 


ent prepared in Microsoft 


has been developed by 3 
ft (c) Google 
(d) Apache 
yn is saved with an extension 


(c) ppts 
(d) .pptd 
tab is used to create a new 


(c) Slide Show 
(d) Animations 
in the 3 
(c) Ribbon 
(d) Animations 
rea where the slide is created 


(c) Tabs 
d) Slide area 


(a) Status bar 
(b) Zoom control 

8. view is useful 
individual slides and re 
(a) Normal layout 
(b) Slide sorter 


leerlas in the 


(d) Format 


(c) Notes Section 
(d) Reading 
narration in your presentation, you 
—— 
( (c) Microphone 
(b) Webcam (d) Headsets 
18. git sae ota cannot be inserted in a 


m None of these 


transition between slides 
animation 


(c) change the bac 
(d) change the font sty! ; 
text 
25. The design template is applied 
(a) the current slide only 
(b) all the slides 
(c) every presentation you create. 
(d) all of these 
26. A new presentation can be 
the 
(a) blank RON 
(b) existing presentation 
(c) design template 
(d) all of these 
27. Which combination of keys insert 
in the current presentation? 


(a) Ctrl + N (c) Cul +8 


(b) Ctrl + M (d) Ctrl 
28. Which command is used to go to 
in a presentation? 
(a) Next slide button (c) 
(b) Page up 
29. view shows thumbnail 
slides in a presentation. 
(a) Slide Show 
(b) Slide Sorter 
30. The entry effect as one 
during a slide show is 


e umo a 


, RATE, PV, FV, NPER, IRR, N 
; date and time, lookup and reference, 


ig spreadsheet in the area of: loan and lease s! 
; capital budgeting; depreciation accounting; 


data; frequency distribution and its statistical parameters; 


8.1 INTRODUCTION 


A spreadsheet is a table of values arranged in rows and columns. Each value in the table ha 
fined relationship with other values in the table. Therefore, if you change one value, the oth 
also get affected. 

Spreadsheet applications, also known as spreadsheets, are programs that help users 
ulate spreadsheets electronically. They are specifically designed to ease the management 
calculations. 

F MS Excel is a commercial spreadsheet application developed by Microsoft. It can y 
tions, and analyse and integrate data from different programs. It is used to calculate to 
en budgets, and complex financial and scientific formulas. Besides these fune 
is used for database management and doing business analysis. By default, d 

a sis. , documents 
2013 are saved with the .xlsx extension. d 
me we will explore the most widely used spreadsheet software—MS 

ill cover the basic elements of an electronic spreadsheet; teach you to crea 
y 

enter text, number, date, formulas, and functions in the cells; insert or delete 

width of cells; represent information using charte: sort and filter 

0 install add-ins to further increase your productivity. 


j ITS OF ELECTRONIC SPREADSHEET | 


Click Start button. 
Click on All Programs from the Start menu. 
Click on MS Office. f 
E — 
It EN gs xcel window will be displa s sl in Fi 
e se E. ^ E : page in Excel is rris os pto s 
new sheets; open, save, and print them; and do other file-related 


8 operations. 


pre-de- 
lue may 
us Microsoft Excel 2010 
| manip- Figure 8.1 Starting MS Excel 
ers and 1 7 
Quick Access Toolbar Like in Word, Quick Access ooir T 
sales this toolbar has buttons for most fre- Fota Ribbon 
/erages. quently used commands. You can cus- 
S Excel tomize this toolbar based on your choice 
n Excel Ribbon The Ribbon (as shown in Fig 
83) contains commands organized in 
ail. The tabs and groups 
* 
ve, and Tabs Tabs can be seen across the top la 
jumns: of the Ribbon. They contain groups 3 
nalysisı of related commands. Some tabs are [A 
Home, 1 F la | 
, Insert, Page La! ‚out, Formulas, 1 
insert, Page Lay E 
B 


Review, etc. 


Groups Related c 

bined in groups. For 

now mands like Cut, Copy. 
P placed in the Clipboard group. 


ommands are com- 
example, com- 
Paste, etc. are all 


SOEs 


Re 
me DS E ME 2 D 
icon is used get help regarding the features of Excel. 
you to get a closer look at the text. It has a slider that 
on to zoom in or out. You can click on the — and + buttons 


Buttons group of three buttons located to the left of the Zoom control, near the bot 
used to switch among different sheet views. There are three views in Excel. 


* Normal Layout view displays page in normal view. i 
* Page Layout view gives a full screen look of the sheet and displays pages as they will ap 


printed. 
Page Break view shows a preview of where pages will break when printed. 


i Area Data is entered in the Sheet Area. The flashing vertical bar also known as the insertion 
represents the location where text will be entered while typing. 


Row Bar Rows are numbered from 1. They keep on increasing as you enter data. The maximum n y 
ber of rows in Excel is 1,048,576. 1 


lumn Bar Columns are numbered starting from A. They keep on increasing as you enter data. 
start series of AA, AB and so on. You can have a maximum of 16,384 columns, 


It displays information like insertion point location, total number of pages and wor 


etc. Status bar can be customized by right-clicking anywhere on it and selecting 
options from the provided list. 1 i . 


ening a Spreadsheet 


cell “as percentage 
‚like 50.00%. 


+ Scientific displays cell as an exponential 
value like 5.6E+01. 


e Text displays cell as a normal text. 
“+ Special stores data in special formats like Zip code, Phone Number, etc. 


* Custom allows you to create a custom number format that is added to the list of num 
codes. In Excel 200-250 custom number formats can be a z j 
Move the mouse over different options, to see how the data will be formatted. 


Figure 8.10 Entering numbers, text, or dat 


8.3.2 Creating Text, Number, 
Date, Time, Weekdays, 
Months, or Years Series 


Excel allows users to quickly fill cells with a 

‘series of texts, numbers, dates, times, week- 
months, or years. For example, you {> 

enter January in a cell, and then fill the 

below or to the right with February, 

‚April, etc. 
ct the cell(s) that contain(s) 
number, date, time, weekday, 


(s) which contain(s) data th; 
Home tab. mi i 
it command from the Clipboard group. 
the cell where you want to paste (or tie the data, 


0 press Ctrl * X to cut and Ci 
ct Cut or Paste option from "e 


licate copy of data in a cell, perform the same steps but 
and. Alternatively, you can press the Ctrl + C command to 
press Copy as many times as you want the copies to be of. — 


Special Options ae, 
data, MS Excel copies every piece of information in the range of cells you. 
ecial command offers much more options. To use the Paste Speci 
‘below the Paste button in the Home tab. Then, select Paste Spec 
nu to open the Paste Special dialog box. - " 
derstand the meanings of all the 


hing in the selected cell including 


ing, etc. 
tes all the text, numbers, 
y formatting. 

formulas in the selected cell to 


and formu- 


“Move the curs i : 
a 4 or puente various Fill colours to see a preview in the worksheet, 
‚Click on the colour of your choice as shown in Fig. 8.20. 


Figure 8.20 Fill colour 


the Formatting Toolbar 
mat the cells with the toolbar, select the cells and then click a button to apph 
ply one of the for 
in Table 8.1. e formats 


„1 Formatting options 
S Effect 


on the Protect Sheet button as shown in Fig. 8.24. 


In the Protect Sheet window, you may enter a password 
the sheet (optional) as shown in Fig. 8.25. 
8: Click on OK. 


8.3.9 Hiding/Unhiding Rows, Columns, and 
Sheets 

Excel 2013 has an excellent feature to 

hide the selected rows, columns, and 

sheets to protect specific content from 

any sort of detrimental usage. To hide | 

rows, follow the steps given below: | 


Step 1: Select the row(s) you want to 
hide. 


Step 2: Click on the Home tab. 
Step 3: Click on the down arrow next 
to Format command in the Cells group. 
Step 4: Move the mouse over Hide & 
Unhide option. Select Hide Rows from 
- the menu as shown in Fig. 8.26. 
! "The selected rows will be hidden. 


I2 
E 
|4 
[s 
$] 
I? 
8 
Is 
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n" 
x 
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lu 
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a that appears click on Hide. A 

, Click on th f 

Unhide. Select Hide Sheet option. ^ 
below. 


to unhide a row, column, or sheet, 


. 


o analyse data. For this, it has à number | 

ble functions. By using these functions, you 
For example, the LOG or SIN fu 

fied using just operators. In this 


of Excel is that it allows users ti 

las that you create can use the availa 

ions that are difficult if you use only the operators. 

ulate the Logarithm or Sin ratio is difficult to be speci 
Jearn about these exciting features of MS Excel. 


the bread and butter of worksheet. Without them, worksheet will have just a simple 
the most exciting features of E 


a calculation. One of 
ddress represents the value 


; n that performs 
Il address. The cell’ a 


is an expressio 
calculate expressions using a ce 
dusing a cell reference. ; - | 
advantage of using formulas is that if value(s) change(s) in the cell(s), formulas a 
a ed results. A formula must begin with the = sign and can have mat 
such as + * ^or logical operators (like and, or). € 
It of formula is displayed in the cell that has been currently NUES 


(a) 


Figure 8.31 Example of absolute cell reference 
‘erences, either the row or the column will be same and 


lity sold a tax of 14% is applicable, then this value 


Example of Mixed Cell References 1n mixed ref 


the other will change. For example, if for every commoc 
t (refer Fig. 8.32). In such a case we can use mixed cell reference 


— will remain constant for every produc 
i the other keeps changing. 


— where one value is constant and 


of mixed cell reference 


cell reference, which is called 
refers to itself. For example, if we write = es = ie 
, 8.332). However, whenever you usi Peces 
" Á € a circular 


gure 8.32 Example 


(34,567) returns 34. 
that lies between 0 and 1. 
e) This function rounds a number to the nearest multiple 


25, 0.1) = 34.3, Ceiling(45.25, 0.5) = 45.5. 


from unit, to unit) This function converts à number from one 


"example, CONVERT(60, “m”, “sec”) returns 3600. 
unds off the number down to the nearest i 


number, significance) This function ro! 
-to the nearest multiple of significance. For example, Floor (1 56.32, 1) = 156, Floor | 
The first number is the one that has to be rounded off and the second number is the multip 
you need to round off, In the example Floor (3.4, 2), the nearest multiples are 2 and 4, but the ¢ 
c zero is 2; hence, the answer. 
— INT(number) This function rounds down a number to the next lowest integer. For example, I! 
123, INT(-8) = 9. 
number) This function returns a number next to the 
EVEN(231,34) = 232. 


(num1, num2, ... 


nearest even integer. For exam 


) This function returns the smallest number that can be divided by 


given numbers. For example, LCM(8, 20) = 40. 
mber, [decimal places]) In this function the second argument is opti LC 
; i s s optional. The function‘ 
a number into text using the currency format. For example, Dollar(9876, 2) = $9,876.00 
(numi, num2, num, ...) This function calculates the avera; iati i 
For example, AVEDEV(10.7, 7.2) results in 1.65. ie 
function returns the prediction of a future 
on existing values. 


is a value between —1 and +1 
variables are related to cach 
indicates a perfect pos- 


n Scatter in the Charts area and then 
scatter graph. 

click on a data point on the graph and 

Add trendline’ from the drop down menu. 
Scroll to the bottom of trendline options and 
check boxes for ‘Display R-squared value on 
and Display equation on chart. R-squared and 

iion equation will appear on the chart. 


and VARA 
in An ray Fo op Tot 


RA() function calculates the sample variance Of ao 
ed set of values. Its syntax is VARA(numberl, 
ber2], ...). Where the number arguments are val- 
that provide a minimum of 2 numeric values to 
function. You can enter up to 255 values in this 
ction. 
The VARA() function in Excel is very similar to the Figure 8.43 Vara 


VARO) function, in that both functions calculate the . 
‘sample variance of a supplied set of values. However, the difference between them is that when an array 


of values, containing text or logical values is supplied to the function, the VAR() function ignores the 
0 and logical values, whereas the VARA() function assigns the value 0 to text and the values | or 0 to 


values (see Fig. 8:43). Table 8.2 SUBTOTAL function 
TOTAL 


function returns the subtotal of the num- iari 
BUBTOTAL funcio database. The syntax for the 


in a list or 
ina column la, SUBTOTAL(method, angel, 


EM MEE 
fe 


uncon Kary 


BRETT 


Figure 8.44 SUBTOTAL 


To use the SUBTOTAL function, the following steps are to be used: 
Step 1: Apply a filter to the list. In Fig. 8.44, we have used it on the 
- Region column. 
Step 2: Select the cell where you want the grand total. 


Step 3: Click the AutoSum button on the Home tab (see Fig. 8.45). 
Since the list is filtered, a SUBTOTAL formula is inserted, instead 


Figure 8.45 Autosum 


The SUMPRODUCT function multiplies the corresponding numbers in the given arrays, and 


f those products. The syntax of SUMPRODUCT 
be given as SUMPRODUCT(array1, [array2], 


where, arrayl is a mandatory argument that is a: 

fom, |) 8 zug 

will be used to multiply with values in | ""* * 
added; array2, array3, are optional | °° 


the sheet the first array can be found, The 


255 arrays. Values of all 
multiplication and addition to 


HOME INSERT PAGELAYOUT. 


EINE 


Font 


¡[A AR 


BE. 

=o 
a 
r 


= 
mem 
-— 
mer 


. Value if false2 


ND IF . ms 
Figure 8.54 demonstrates the use of a nested if e 
statement. Figure 8.54 Nested IF function 


Financial Functions 
Microsoft Excel is a very important tool for investment bankers and financial analysts. They a 
in excel shortcuts and formulae. Though there are more than 50 financial functions in Exe 
discuss some frequently used financial functions here. However, before we start, remember 
pay an annual payment at an annual interest of 6% then for monthly payments, the rate will be 
=0.5%. 
Moreover, the number of periods (nper) is the number of times the payment is made until 
m... is paid. For example, if we are making monthly payments for a 20 year loan, then n 
Future value (FV) The FV function is used to find out 
the future value of a particular investment which has a 
interest rate and periodic payment. The syntax 
‘is FV(Rate, Nper, [Pmt], PV, [Type]) where, Rate 
mee, Nper = number of periods, [Pmt] = pay- 
PV = present value, and [Type] = when 
(if nothing is mentioned, then it 
payment has been made at the end of 


used to study how d 
mula, For example, if there is 
of interest rates and loan 


4: On the DATA tab, click What-if Analysis in the Data Tools group and select D 
E 


dropdown list. 
Step 5: In the dialog box that appears click the cells—interest rate (B2) for row as the inter 
y in a row and loan amount (B1) for column, as shown in Fig. 8.73. 


PAGELAYOUT FORMULAS. DATA 


BB connections 41 An Y cer 


ed 


a Properties Saal 


j| Sot | Filter 


‘Alle R Edit Links Y Advanced n) 


lumns 


Sort & Filter 


Click on the Insert tab. 
Click on Pivot table command in the Tables group. 
== Step 4: From the window you may choose the location where you want the table to be i 

OK as shown in Fig. 8.82. 
Step 5: A blank worksheet for the pivot table will be added which displays a PivotTable Field 
pane on the right side of the worksheet area. This pane is divided into two areas: the Choose Fi 
Ids in the source data for the pivot table and 


_ Add to Report list box with the names of all the fiel 
divided into four drop zones (Report Filter, Column Labels, Row Labels, and Values) at the bot 
Drag field name(s) from the Choose Fields to Add to Report list box and dropping it in one or more 


the four areas below. You can also select the fields by placing a checkbox next to the field name: 


Fig. 8.83). 
Excel allows you to apply Sort & Filter commands on the result set. You can even right click on 
and using Value Field Settings option choose different types of actions as shown in Fig. 8.84. — | E 


Na E 


Souce Name: Sales 4 ke 
Quetom Name: [Count of Sales 
| Sunmanze Values Gy | ShowMahame mal 
| Summarize value field by 


| | Choose the type of calculation that you want touse t 
me 4 
| 


chart is used to see 

a period oftime or to 

among different items. 

graph or a bar chart is used to 
isons among individual data 


sie chart is used to show the size 

‘that make up a data series, pro- 
ional to the sum of the items. It is used 
‘splay information about only one data Figure 8.85 Inserting charts 

s. Pie chart is especially useful when you want to emphasize a significant element in the data. 
e A line chart is drawn to understand the trends in data at regular intervals. 
area chart is used to visualize the magnitude of change in data over time. 
An XY (scatter) chart displays the relationships among numbers in several data series. For 


s, it plots two groups of numeric values as one series of XY coordinates. 


sk It is often used to depict stock price data. However, it can always be used to show other scientific 
ike temperature changes. 


A surface chart is drawn when you want to find optimum combinations between two data sets. 
r example, in a topographic map, colours and patterns indicate areas that are in the same range of 


shnut A doughnut chart resembles a pie chart as it depicts the relationship of parts to a whole. But 
the pie chart, a doughnut chart can contain more than one data series. 


bubble chart, data is arranged in columns so that x values are listed in the first coli 
5 er in g Y values and bubble size values are listed in adjacent columns. column and 


A radar chart is used to compare the aggregate values of a number of data series. 
ogies Used in Charts 
he entire chart area containing the data series, the axes, tiles, and s 


Data series 
A range of related data points in 
a chart, such as bars, columns, or 


by defaulea ple slices 


value axis 
> 8.86 Terminologies related to charts 
e Name assigned to individual data points. Display on chart is opti 
ues from cells on worksheets that are displayed as bars, lines, colum 


A group of data points. For example, the entire line in a chart. 

\ value that controls the spaces between bars on the chart. ) 
plot area. These lines help to easily make reference back to the a 
data series by names and symbols. ; 

n of the chart which is bound by the vertical and horizontal axes 


ie which the chart will be printed on the pa 
/ the steps given below to print a chart along with 


h measure of wearing out of a fixed asset. All fixed 
h time and constant use. Assets usually depreciate 


also decrease in value as they are replaced by newer techno 
ago will never be as efficient as the one available to 


recorded in the Profit & Loss report either on a monthly or an annu 
d from the cost of the asset gives the net book value of the asset. 


uency Distribution 

Statistical 
meters 

cy distribution table in Excel 

pshot of how data is spread 

if you have a large set of 

ou want to categorize them in 

then frequency distribution 


n7 


data. 
bins of 


OF CHILDREN GETTING 90 - 100 MARKS 


Figure 8.90 Countif function 


AR 


x can hold data of different 
mbers, currency, dates, etc. 
ge the width of column(s) by drag- 
boundary of the column heading 
has the desired width. 
E of formula is displayed in the cell 
is been currently selected and contains the 


‘name of every function is followed by brack- 

In between the brackets, the arguments (range 
ls) are specified. 

en the data of cell(s) is linked to other cells, 

"then the data is dynamically pulled from the source 

cell(s) into the linked cell(s). 

+ The correlation coefficient value between —1 
“are related to each other. 

* Regression analysis is done for estimating the 
relationship between a dependent variable and one 
or more independent variables. 

+ The VARA function calculates the sample vari- 
ance of a supplied set of values. 

* The FV function is used to find out the future 
value of a particular investment that has a constant 
interest rate and periodic payments. 

+ The FVSCHEDULE function is used to calculate 
the future value with the variable interest rate, 

+ The Present Value function is used to find out PV. 

+ Net Present Value is calculated as the sum of all 

g positive and negative cash flows over the years. 

' The XNPV function is similar to the NPV func- 
ion but with a difference that this function IS used 
when the payment and income are not periodic. 


i and +1, which tells us how strongly two variables 
|! 


AT n 
off for a p 
interest rate, f 
The IRR function is used to 

project or investment is profitable or 

more than the acceptable rate, then itis 

to be profitable else not. 

NPER function is used to specify the number of 
periods one requires to pay off the loan. 

The RATE function is used to calculate the interest 
rate needed to be paid to pay off the loan in full for 
a given period of time. 

The EFFECT function is used to calculate the 
effective annual interest rate when the nominal 
interest rate and the number of compounding per 
year IS given. 

The SLN function is used to calculate depreciation 
via straight line method, 

The STDEV function calculates standard devia- 
tion of a supplied set of values. 


A 


Data table is used to perform what-if analysis. In 
a data table, one or two inputs are varied in some 
of the cells and the requirement is to come up with 
different answers to find a solution to a problem. 
Database Functions help users to work within a 
database (i.e. a large number of organized data 
records), stored in Excel. 
A frequency distribution table in Excel gives a 
snapshot of how data is spread out. 
Ratio analysis is specifically done to test a busi- 
ness's efficiency, liquidity, profitabili 
s A tabilit 

solvency. » pn 
Payroll statement of a company details the total 
amount of mo i 

ney that a company pays to its 


employees and is a record of its loyees” sala- 
ries, bonus, and taxes. o ; 


Mm. 


49. 


(c) Acid-test ratio 
(d) Liquidity ratio 
compares 
assets to its current liabili 
(a) Working capital 
(b) Current ratio 
(c) Acid-test ratio 
(d) Liquidity ratio 
is a stronger measure 0 
as it only uses cash and those ii 
be quickly converted to cash from: 
assets. 
(a) Working capital 
(b) Current ratio 


of tables, multiple table handling —defining relationship [foreign key], sim- 
conditional queries, types of queries [update, delete, append], forms, reports, 
ion to SQL through basic commands. 
ig DBMS in the areas of accounting, inventory, HRM and its accounting, man- 
the data records of employees, suppliers, and customers. 


9.1 INTRODUCTION 


Microsoft Access is a database management system (DBMS) from Microsoft that combines the rela- 
tional Microsoft Jet Database Engine with a graphical user interface and software development tools. 
]tis a member of the Microsoft Office suite of applications, included in the professional and higher 
editions. 

Similar to relational databases, Microsoft Access allows you to link related information easily. It can 
also import or link directly to data stored in other applications and data = 


Databases in Access arc composed of many objects, but the following are the major objects: 


* Tables 
« Queries 
* Forms 
* Reports 


9.2 CREATING DATABASES 


In MS Access, you can create ^ dae miae A Sino en dE 
database either by using 2 template or —— M — —À toe 


! "base from scratch. 
create a blank database 
An Access desktop database is a 


fully functional relational database 


Should | create an Access 2013 app or an Access desktop 


File Name : 


Figure 9.2 Using templates to create a database 
ss 2013 creates the database as shown in Fig. 9.3. The navigation pane contains all its 


LOL 


[re 
ses Dieses Vitam 
ph 2 


e requirements can be so specific that usi ifyi 

framenti o using and modifying the existing 

work than just creating a database from scratch. In such a case, we make use 
n MS Access. 

Blank desktop database. Enter the name and click the Create button (see Fig. 9.4). 


Sign in to pet We most out ot Otce @ 
x 

Blank desktop database 

sould cresia an Access 201) pp or an Acces desktop daba 

Fia Name Ben. 

Databased acca a 

Dicta 


Figure 9.4 Creating a blank desktop database 


Step 3: Access will create a new blank database and will open up the table which is also completely blank 
as shown in Fig. 9.5 


TABLE TOOLS Dolabased . Database 0:\atabenes\Detabaned ccdd (Ac. nr -D x 
A OATADASETOOIS EDS TABLE Signin @ 
Y sancion» | fg ion Ero Pa a El 
i Dan Deum an doen 
Alle X Delete + ElMon- be at-a a- 
E E Moris tra Ton Formatting l a 
pum Dent x 
All Access Obje Te ---— i 
LET | 


dell 


E pecora M i 


i 


i Figure 9.5 A blank database 


or Deleting Fields 


: Click the column to the 
which a new field is to be 


Step 2: Click the data type 

required for the new field. You can 

also select the data type from the 

Add & Delete group of Field tab. A 

new field will be inserted (see Fig. 

9.8). 

Step 3: Similarly, to delete a field, Figure 9,8 Adding a field 


click on the column header of the 
field to be deleted. From the menu, select Delete field. Another way to delete a field is to click on 


followed by clicking Delete button in the Add & Delete tab of Field tab, as shown in Fig. 9.9. 


EN o CREATE EXTERNALDATA__OATABASETOOLS FIELDS | TABLE 


2 qn E fe pu] Oe enter 7 Jome = 


aE ARAUCA Format: Formatting 
al Sting 56 + | 8 sh 


2/01/1902 Tre 

92/10/1990 G6, Rohini, delhi 

30/04/1989 C-65, sardar bazar 

Pe iH M Adarsh nagar, de 
Uis sec ao Gardan, deihi 


tab. X E 
group, click on Table Design button to open the Design 
No field as the primary key by right clicking on the field and 
Alternatively, you can also select the field and then click on the pri 
Design tab (see Fig. 9.11). A key icon appears in the selector area to the 


re 9.10 Creating a table in design view Figure 9.11 Setting the primary key 


4: After adding the fields and setting their data types, save the newly created table and name it 


tables Figure 9.12 
database object. 
rou divide your information into tables, = of 
‘evs to related tables that reference those primary keys. 
in E gs form the basis for table relationships and. 
ld create table relationships before you crea 


1 key-primary 
several reasons why you shou! 


such as forms, queries, macros, and reports. 1 
you often must create a query that joi 


eld of the first table with 


D 


+ To work with records from more than one table, y 
The query works by matching the values in the primary key fi 
field in the second table. ' zu 

or report, MS Access uses the information it gathers from 


* When you design a form ‚the , e 
tionships you have already defined to present you with informed choices and to prepop 


erty settings with appropriate default values. 


Example 9.3 Define a relationship Egg rowe | cree oemuuoara — DATABASETOOLS 
between the Employee and Department ifi 2 
tables by defining the primary key of the vw pue “2°” 
Department table as the foreign key in the we cman 
Employee table. All Access Obje... © « [El besarme fE empoy 
Solution: Here, each department of the 75 Fi 
XYZ Organization can have more than one 
employee and each employee can work only 
in one department. 
Step 1: Edit and add a new field in the 

loyee table in Design View as Dept_No 

gn key) which refers to the Dept No Figure 9.13 Step 1 
y key) of the Department table, as shown in Fig. 9.13, 


Database Tools and select Relatii nships 


Figure 9.15 Step 3 Figure 9.16 Step 4 


E Click and hold Dept. No from Department and drag that all the way over to the Dept. No from 
Employee. Further, a relationships window pops up, as shown in Fig. 9.16, when you release the mouse. 


ES Do not forget to check the Enforce Referential Integrity option, 


Step 5: Click on the Create button. 


Step 6: Insert the data for Dept_No field (foreign key) in the Employee table as shown in Fig. 9.17. 


favonsnipr [EN Employee (EB Department 


Tapa [lErap Name =] Daie_or sinh [Andres Don E 


1 Garima Sharma 73/01/1992 C-34, Model Town, deihi Manager 
2 Jayesh Tandon (02/10/1390 66, Rohini, deihi Engineer 
I2 3 Hiten Chawla 30/04/1989 C65, sardar barar Technician 
4 Vikas Gupta 25/11/1999 A6 Adarsh Nager, deihi Accountant 
| 5 Kavita Jain 21/05/1994 46C, Dilshad Garden, delh — Enginwer 
* (New) 
(a) 


ate of Birth = address z[besgnationz] Saar T — 
73/01/1992 C-34, Model Town,deli Manager pen BERE n 
2 Jayesh Tandon 02/10/1990 66, Rohini, delhi pares E 


3 Hiten Chawla, 30/04/1989 rdar bazi 


5 Kavita Jaln. 
(New) 


A namaa A 
Ex e 
nts intonation ob = E 


provides a custom view of data from one or more tables. Queries are a way of 


object 
and compiling data from one or more tables. 
Running a query is like asking a detailed question of your database. When you va 
Access, you are defining specific search conditions to find exactly the data you want. | 
You can define queries to select, update, insert, or delete data. You can also define queries 


new tables from data in one or more existing tables. 


9.5.1 Creating Queries using 


[ wana 
Query Wizard Es = pe 
S. A Mentem 
Step 1: Click on Query Wizard in Queries f 
group in the Create tab. 


Step 2: A New Query dialog box opens up as 
shown in Fig. 9.18. Select Simple Query Wizard 
and click Ok. 

Step 3: In the dialog box that is displayed, select 
the table that contains your data. 

Step 4: The fields of the selected table will be 
displayed in the Available Fields Box. Add or 
remove the fields in the Selected Fields textbox _ 
using the appropriate buttons as shown in the Figure 9.18 New query 


uery can be used to view, insert, delete records, or appl i 
‘in one or more tables. r apply some calculati 


I4 Create a query to select Emp_Name, 


foll Designation, and Salary from 
the aforementioned steps 1 
d list, P! Add Emp_Name, 


ail or Summary as required 
on Next, as shown in 


p 7: In the dialog box, type an 
te name for the query. Select 
the query to view information 
| finally click on Finish (see Fig. 
| The query result will be shown 
- jp Datasheet View. 


r 


et ER Result: 


Emu 
[9f AS j = 
MET 


[Vias Gupta _ Accountant. 


E Tata timon rra eam ar [kavitasain Engineen 


Do you want to open the 
Ihe query o modify the aura dest 


Figure 9.20 Opening the query 


9.5.2 Creating Queries using Query Design 
DATADASETOOIS DEN 


Ege 
SOs. 


TERNAL DATA 


Step 1: Click on Query Design in Queries 
group of the Create tab. 

Step 2: A Show Table dialog box will 
appear on the screen as shown in Fig. 9.21 
Select the Table and click on Add 

Step 3: Close the Show Table Dialog box 
and select the fie 
query by double clic 


log box to add ables or queries 


jds to be included in the foe quay dale 
king on the field's 


name. 
Double click on * to select all 
the fields of the table in the 
Grid and Query as well. 
Figure 9.21 Show table dialog box 
Example 9.5 Create a select query to display a list of Dept Name and Dept location fr 
x location from 


Department table. 


Bee Harn wizard Figure 9.36 Next steps in form wizard 


jp 5: Select the form layout and click on Next. 


Give a sui a - 
ES. E" name to the form and click on Open the form to view or enter information, as 


Step 7: Click Finish. 


9.7 REPORT OBJECT 


Report is an object in desktop databases designed for formatting, calculating, printing, and summarizing 
the selected data. 
You can view a report on your screen before you print it, Anything you plan to print deserves a report, 
Whether it is a list of names and addresses, a financial summary for a period, or a set of mailing labels. 
Reports are useful because they allow you to present components of your database in an easy-to-read 


format. 
Access offers you the ability to create a report from any table or query. 


9.7.1 Creating Reports using Report Command 


Step 1: Double click on any table to open it. 
Step 2: Click on Reports in the Reports group of Create tab. 


Step 3: Select the layout view to format the report. 
Step 4: Click on the Print Preview button at the bottom right corner of status bar to see how the report 


looks. See Fig. 9.37. 


| a Employee A 


— nosset 
Te oss 


Seo 


Dote_of, bith Address Designation Solary  Depi-No 


From the dialog box, you can select the sorting order and summary options. 


Click on Next, From the dialog box, select the layout of the report. Also select eith 
entation section and click next (see Fig. 9.39). 


How would you ce to lay out your report? 


‘That l tha formation i 
pest. he wird neede to ta Your 


Oo ov wart 
ant were herr md e rt 


Figure 9.40 Steps to preview the report 


"The report will be displayed on the screen, You can print this report using the Print option in the File 


menu. 


9.8 INTRODUCTION TO SQL THROUGH BASIC COMMANDS 


XYZ Organization : Database- D’\databases\> 
CREATE — EXTERNALDATA DATABASE TOOLS 
Bl Ascending Ye Selection” la da New XT 
Refresh, 


Structured query language (SQL) is a 
computer language for storing, manip- 
ulating, and retrieving the data stored in 


arelational database. SQL is the stand- 
ard language for a relational database 
S such as MySQL, 


system. All the RDM: 
MS Access, Oracle, Sybase, and SQL 
Server, use SQL as their standard data- 
base language. 
Whenever you creat 
Query Design, Access 


JU Descending Advanced = Bswe Fs 
hy temoveson "Y Toggle Fiter aite 2< Delete + [SIN 
Sonta riter 


Fiter 


"ræ 


e a query in |m Tee. 
automatically ae ad 
creates the SQL query for you. This | za sune auv 
actually retrieves data from the tables. 
We can see how a query is created in 
)L when we create it in Query Design. 
9.11 Show the steps to 
which is created eh ad 
(to select Emp. Name. vals Jit 


and Salary from 


Opening a query 


Figure 9.42 SQL ofa query 


Figures 9.43(a)-(e) show the SQL queries generated for various queries. Fig. 9.43(a) shows the SQL 
query of the conditional query that displays the details of those employees whose salary is greater than 
7500. 


" Select query - salary greater thn 7500 


tam e Ü Empl signation, Employe 4 


E 


(a) 


Figure 9.43(b) shows the SQL query generated for a conditional query that displays the details of those 
employees whose Designation is ‘Manager’ and Salary is greater than 7500. 


« 3 condition on designation and salary [ 


Figure 9.43(c) shows the SQL query generated for an update 
Emp id is 3. P 


query to update salary of employee Whose 


Br 


).43(€) shows the SQL 
i... ee append all the records o 


ISERT INT 


“ (e) 
“Fig. 9.43 SQL queries (a) Salary > 7500 (b) Designation = 
; s Sala 5 signation = Manager and Salary > 7500 i 
s of Emp. id = 3 (d) Deleting Emp. id = 2 (e) Appending records j^ a 


9.9 APPLICATION OF DBMS 


ystems find application in a large number of fields today. Some of them are 


tabase management s; 
scussed in this section. 

It is a systematic process of identifying, recording, measuri if r 
m E. Var and malta financial rim es In a yu das. 
chieved through the report object which is used for formatting, calculating, printing, and s DE = 
ted data. ummarizi 
an resource management (HRM) Itis the practice of recruiting, hiring, deploying, and 
ion's employees. managing 


is done using the Empl 
their salaries, and 


the department they work in are managed using these 


oyee and Department tables used in this chapter. All the " 


M 


ment tools 


' An organized collection of data 
e An object that is used to define and store 


T key Used to uniquely identify eac 
og ify each 


| Multiple-ch ice Questions 


1. Queries in Access can be used 1. 
(a) to view, change, and analyse data in 
different ways 
(b) as a source of records for forms and 
reports 
(c) both (a) and (b) 
(d) none of these 


2. To create queries in Access, you can 


(a) drag and drop fields on query builders 
(b) type the SQL command in SQL View 
(c) use Query Wizard or Design View 
(d) all of these 
3. Query Design window has two part 
upper part shows à , 
(a) name of fields, field type. and size 
(b) tables with fields and relationships 
between tables 
(c) criteria 
(d) sorting check boxes 
4. What does the show bes 
i indow indicate ` 
(9) indicates whether the field is to be 


used or not. j 
(b) It indicates whether the field is to be 


s. The 


k box in Query 


displayed in query result or not. 


or the same table ] n 


Query An object that provides a custom view 
data from one or more tables 

Form An object in a desktop database designed 
primarily for data input or display or for control of 
application execution 


Report An object in desktop databases designed 
for formatting, calculating, printing, and summa- 
rizing selected data 


5 ER 


(c) It indicates whether the field names are 
to be displayed in query result or not. 

(d) None of these 

5, What isa form in MS Access? 

(a) It is a printed page where users will 
write their data to fill it up. 

(b) It is an input screen designed to make 
the viewing and entering of data easier. 

(c) This is an important part of database 
used by analysts to draw conclusions. 

(d) All of these 

6. Which of the following statements is true? 

(a) Reports can be used to retrieve data 
from tables and calculate. 

(b) Queries can be printed in a well for- 
matted manner and presented as the 
information. 

(c) Queries can include calculated fields 
that do not exist in the table. 

(d) Reports and forms are similar, but forms 
are used to print and reports are used to 
display on screen only. 

7. Two tables can be linked with relationship so 
that the data integrity can be enforced. Where 


can you find the relationship command’ 
(a) File menu E 2 


1 when you release the mouse 
inter after you drop the primary key of a 
into the foreign key of another table? 
(a) A relationship is created 
, Edit relationship dialog box appears 
? (c) Error occurs 
= (d) Nothing happens 
_ 10. What do you mean by one to many relationship 
^ between Student and Class table? 
(a) One student can have many classes 
(b) One class may have many students 
(c) Many classes may have many students 
(d) Many students may have many classes 


11. Referential integrity means: 


(a) do not enter a value in the foreign key 
- field of a child table if that value does 
not exist in the primary key of the parent 
| table 
-. (b) do not enter a value in the primary key 
field of child table if that value does not 
dst in the primary key of the parent 


‚not enter a value in the foreign key 
a parent table if that value does 
the primary key of the child 


(6) dou 
(c) both (a) and 
(d) none of these 


. If you write criteria values. 


row), it will mean 
(a) OR condition 
(b) AND condition 
(c) NOT condition 
(d) none of these 


. To achieve AND effect when 


criteria in Query Design window, 
(a) write the criteria values 
a row 
(b) write the criteria values ho 
(c) write the criteria values in 
separated with AND 
(d) write the criteria values in sa 
separated with & 


. When a picture or other graphic 


placed in the report header s 

appear 

(a) once in the beginning of 

(b) at the top of every page 

(c) after every record break 

(d) on the first and last pages of 
data type allows I 

characters and special s 

(a) Text 

(b) Memo 

(c) Auto number - 

(d) None of these. 


is a database object to view, 
analyse data in different ways. 


of the following creates a drop-down 
values to choose from a list? 


) 
(c) ORDBMS 
(d) Network database 


. What is the full form of SQ 


(a) Structured Query T. 
(b) Structured Query List — — 
(c) Simple Query Language — — 
(d) None of these 


. Which of the following SQL st: 


correct? 

(a) SELECT Username AND 
FROM Users 

(b) SELECT Username, Passwe 
Users 

(c) SELECT Username, Passw 
Username = *userl* 

(d) All of these 


Syllabus Mapping 


Module II 
Unit 10 


duction © HTML; Tags and attributes: text formatting, fonts, hypertext links, 
tables, images, lists, forms, frames, cascading style sheets. 


10.1 INTRODUCTION 


Hypertext markup language (HTML) is not a programming language, it is a markup language that 
uses tags to design web pages. It is an interpreted language, a notation for describing document struc- 
ture (semantic markup) and formatting (presentation markup). Web browsers such as Internet Explorer, 
Google Chrome, and Mozilla Firefox are used to view HTML documents. 

A web page is a document or text file commonly written in HTML that is accessible through the 
Internet using a web browser. A web page is accessed by entering a URL address and may contain text, 
graphics, and hyperlinks to other web pages. 

An HTML document must have a htm or .html file extension HTML files can be created with either 
text editors such as Notepad, Notepad ++ or using HTML editors such as Microsoft FrontPage, Netscape 


Composer, and Visual Studio 


10.2 STRUCTURE OF HTML PAGE 


An HTML page has two distinct parts—the head and the body. 

Head This is the header portion. We can use title, script, and metadata tags in this portion. The head is 
used for text and tags that do not show directly on the page. 

Body This is the place where we can enter text, table, graphics, and other work. The body is used for text 
and tags that are shown directly on the page. 


rises tags (OF elements), eN 
d- IDOCTYPE- declaration must be the very first thing in your HTML document before the 


i à b browser about what version of HTML the is written i 

; an instruction to the we page is written in. 

<html> ade = = provide information about the page content structure, Every tag has opening and 

b The sri Ta may s. They are nested one inside another. Each HTML tag describes 
losing » 1aB> 


a different page ae : 

two types of tags: 

ies e 's A that do not require an end tag. Example: <br/> 
e “These tags contain both an opening and an end tag. 
Container tags The: ie ee Bin, 


have attribute: 


img> tag is used to display images on an HTML page. Images are linked to the htn 
‘tag. It creates a holding space for the referenced image. The various attrib c 
Table 10.2. 


Attributes of <img> tag 


Description 


is shown in Fig. 10.8. 
DEMOSTRATING THE IMAGE TAG 


Figure 40.8 Output of example 10.4 


<table> Tag 


‚in HTML are defined row by 

xels. The <table> tag itself contain: 
to define table header. The attril 

Description 


le 10.3(a) Attributes of table element 


The <table> tag creates a 
define a new row, 
e>tag are listed in Table 10.3(@)-(e). 


row. 
s <tr> tag to 
butes of the <tabl 


Specifies the background color for tabl 
Vertically align the text in table cell 
Width in pixels or percentage of table cell 


üre 10.9 Source code for Example 10.5 


e output is shown in Fig. 10.10. 


¡Employee Name [Department Name 


Figure 10.10 Output of Example 10.5 


LISTS IN HTML 


three ways for specifyini 


g lists of information. All lists must contain one or more 


L provides 
using plain bull 
bullet; defau 


] 


demonstrate the <frame> and <frameset> tags. 


wn in Figs. 10.13(a)-(d). n 


appends the form-data to the URL in name/value pairs. 
isa limit to how much data you can place in a URL (varies between browsers) 
be sure that all the form-data will be correctly transferred, 
use the get method to pass sensitive information (password or other sensitive 


e visible in the browser's address bar). 


‘method sends the form-data as an HTTP post transaction. 


submissions with the post method cannot be bookmarked. 


| post method is more robust and secure than ‘get’, and it does not have size. 


40.8 Write a code to demonstrate the <form> tag. 
Create an html page say, form.html containing the source code sho 


Figure 10.16 Output of Example 10.8 


10.5.3 Link Tag 
The <link> tag defines the relationship between a document and an external resource. The < 
most used to link to style sheets. It is an empty element, it contains only attributes. This ele 
only in the head section, but it can appear any number of times. The attributes include href, rel 


type, etc. 


10.6 CASCADING STYLE SHEETS 


Styles define how to display HTML elements. Styles are normally stored in style sheets. C 
sheets use the <style> tag for styling. The syntax is as follows: 
a s selector {property: value} 
selector is normally the HTML element/tag. The property is th i i 
Es Cor cadi property is the attribute you wish. 


html page say, style.html containing the source code as shown in 


* 


e output is shown in Fig. 10.26. 


| Style 


external sty 


external styl 
must inclu 


Example 40.14 Write a code to demonstrate external st 


Solution: Create an html page which contains a reference to 


PEIDOCTYPE html> 
<html> 
<head> 


"link rel="stylesheet" type="text css" href 


</head> 
<body> 


hi>This is a heading</h1 
<p>This is a paragraph.</p 


</body> 
</html> 


body { 
background-color yellc 


) 


JW; 


hl { 
color: grey; 
margin-left: 50px; 
text-decoration: 


code for E 


e 10.27 Source 
ss. html (b 


Figur 
(a) ex e 


The output is shown in Fig. 10.28: 


underline; 


xample 10.14 
) ext. style.c5s 


le sheet can be written in any text editor. 


The file should not contain any HTML tags. The style 

sheet file must be saved with a .css extension, With an Figure 10.28 "CHU of Example 10-18 
e sheet, you can change the look of an entire website by changing just one file. Each page 
de a reference to the external style sheet file inside the < link> element. 


"ext. style.css" 


a) 


(b) 


yle sheet. 
an external css file (Fig. 10.27). | 


Website Designing - HTML 


This is a heading 


THIS IS A PARAGRAPH. 


‘This is a paragraph. 


Figure 10.28 Output of Example 10.14 


(c) Text-size 
(d) Text-style 


39. How do yous 
"test"? 
(a) ‚test 
(b) test 


property? 
(a) Relative 
(b) Static 


